A Web Site 4 All SQL Injection

2012-01-12T00:00:00
ID PACKETSTORM:108637
Type packetstorm
Reporter 3spi0n
Modified 2012-01-12T00:00:00

Description

                                        
                                            `# Exploit Title: A Web Site 4 All Sql Injecti0n Vulnerability  
# Date: 12/01/2012 - 00.36  
# Author: 3spi0n  
# Software Website: http://www.awebsite4all.com/  
# Tested On: BackTrack 5 - Win7 Ultimate  
# Platform: Php  
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>  
[$] Demo Sites:  
  
http://www.panchayats.in/php/showPanchNewsDetails.php?linkid=79%22&newsid=25[PhpSQLi]  
  
[$] Vulnerable File:  
  
News.php?newsid= And Like.  
  
[$] Admin Panel:  
  
/webadmin  
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>  
  
# Dar bi Koridor Benimki, Kendimi Aradigim.  
  
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>  
  
# Contact: Twitter.Com/RigidusCO - Facebook.Com/3spi0ne  
  
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>  
  
- Mr.PaPaRoSSe And 3spi0n -  
  
Bug Researcher Group - TURKEY  
  
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>  
`