Interactive World SQL Injection

2011-07-16T00:00:00
ID PACKETSTORM:103101
Type packetstorm
Reporter Netrondoank
Modified 2011-07-16T00:00:00

Description

                                        
                                            `Interactive World (index.php) Sql Injection Vulnerability [ Multiple  
Vulnerabilities ]  
==============================================================  
  
####################################################################  
.:. Exploit Title : Interactive World SQL Injection Vulnerability [ Multiple  
Vulnerabilities ]  
.:. Author : Netrondoank aka netron  
.:. My Web : www.indonesiansecurity.info ,indotek.or.id and Ilmuhacker.org  
.:. Platform/Tested on: Linux  
.:. Version : none  
.:. Software Link: : http://www.interactive-world.com  
.:. Dork : "Powered By Interactive World"  
  
####################################################################  
  
.:. Exploit  
  
===[ SQL Injenction ]===  
http://www.site.com//news_desc.php?Id=[Sqli]  
  
  
Xss  
===[ XSS/HTML Injection ]===  
http://site/path/latest_news_next.php?id=89&news_type=[XSS ATTACK HERE]  
  
  
####################################################################  
  
[+] Spesial thanks to all friend @ site : IndonesianSecurity.info +  
codenesia.com  
+palembangHackerlink.org + Blitar hackerlink dot org + hacker newbie dot org  
+ binus hacker dot org +  
+indonesianblogger.org + kimmonosz (kimmonosz.tk) + jos ali joe (  
exploit-id.com) + dewancc (dawnc0de.com)  
+pokeng + budi anja (biohazzard) +klicak + dymaz spyro (gaya rambutmu leh  
ditiru)  
+doni mustofa anak2 uin jakarta + crashblack here + hmei7 + junbad (  
indonesiancoder.com) + skutengboy (maapin gua bro)  
+ almh viroes banditc0de + ares blue screen (jgn maen mulu loh skripsi  
urusin) + budi_spielberg (met nikah yee) + om leman (indonesiancyber.org)  
  
[+] Lamer juga manusia punya otak  
[+] ku cinta padamu susi tapi dirimu tak cinta padaku .wkwkwkwkw  
[+] jos ali joe , thx to notice for submit my poc to exploit-id.com  
`