CVE-2008-6438

This exploit demonstrates a SQL injection vulnerability in the e107 Plugin macgurublog_menu via the 'uid' parameter. It allows an attacker to extract user credentials (username and password) from the e107_user table.

This Perl script exploits a SQL injection vulnerability in e107 Plugin BLOG Engine v2.2 to extract admin credentials (username and password hash) from the database. It constructs a malicious SQL query via URL manipulation and parses the response to extract sensitive information.

This Perl script exploits a blind SQL injection vulnerability in e107 Plugin BLOG Engine v2.2 to extract the admin user's password hash. It uses a brute-force approach to determine each character of the MD5 hash by checking responses from the target server.

This is a writeup describing a blind SQL injection vulnerability in the e107 Plugin BLOG Engine v2.2. It explains the vulnerability in macgurublog.php where the 'uid' parameter is directly used in a SQL query without sanitization, allowing for blind SQL injection attacks.