iwebnegar.txt

2004-12-30T00:00:00
ID PACKETSTORM:35357
Type packetstorm
Reporter karchack.com
Modified 2004-12-30T00:00:00

Description

                                        
                                            `  
  
----------------www.karchack.com----------------  
----------------www.karchack.net----------------  
describtion :  
iwebnegar is farsi weblog software written in php   
http://iwebnegar.co.sr  
  
---------  
  
vulnerabilities :  
all files seems to be vulnerable such as comments.php , index.php and also administrator login page  
-------------  
  
proof of concept :  
for example you can use this link to inject the sql server  
http://site/weblog/index.php?string=[sql injection code]  
----------------  
  
  
www.karchack.com  
www.karchack.net  
`