BlogPHP 2 SQL Injection

2011.08.10
Credit: Yassin Aboukir
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-89
Dork: \"Copyright ©2006 Powered by www.blogphp.net\"

###################################################################################### [+] Title : BlogPHP v2 SQL Injection [+] Name : BlogPHP [+] Affected Version : v2 [+] Software Link : http://sourceforge.net/projects/blogphpscript/files/blogphpscript/2.0/BlogPHPv2.zip/download [+] Tested on : (L):Vista & Windows Xp and Windows 7 [+] Dork : Google Dork: "Copyright ©2006 Powered by www.blogphp.net" [+] Date : 09/08/2011 ####################################################################################### [+] Author : Yassin Aboukir [+] Contact : 01Xp01@Gmail.com [+] Site : http://www.yaboukir.com ####################################################################################### # Special thanks to Paul Maaouchy for his First found in Members.html. -- See More : http://www.exploit-db.com/exploits/17640/ ####################################################################################### [+] Error : Operating Systems: Warning: Division by zero in /home/Username/public_html/index.php on line 520 Unknown (0%) Browsers: Warning: Division by zero in /home/Username/public_html/index.php on line 552 Unknown (0%) [+] How to exploit : http://localhost/Path/index.php?act=stats&day=09&month=08&year=2011[SQL Me] [+] Fix : upgrade to last release (v3)


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top