Webloader v8 Remote SQL Injection Vulnerability

2010-05-24 10:30:55

[~] Title: Webloader v8 SQL Injection Vulnerability

[~] Date: 16.05.2010

[~] Script Home: www.webloader.org

[~] Author: ByEge

[~] Homepage: byege.blogspot.com

[~][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][~]


[~] vidgoster.php Bug code :

[~] <?
[~] include 'baglan.php';
[~] $vid=temiz($_GET['vid']);

[~] $c=solcek("select * from webvideo where id=$vid");
[~] $va=solarray($c);

[~] ?>


[~] Example :

[~] http://site.com/vidgoster.php?vid=1'


[~][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][~]

[~] Th4nks : Fantastik, MitolocyA, ISYAN,

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.