pGB 2.12 – ‘kommentar.php’ SQL Injection

Exploit Database
17 阅读

作者： 3spi0n

日期： 2012-01-18
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/18383/

# Exploit Title: pGB 2.12 SQL Injection Vulnerability
# Date: 18/01/2012 - 03.52
# Author: 3spi0n
# Software Website: http://www.powie.de/
# Tested On: BackTrack 5 - Win7 Ultimate
# Platform: Php
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
[$] Vulnerable File:

[~] kommentar.php

[$] Demo Sites:

[~] http://server/kommentar.php?id=117'
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

# Dar bi Koridor Benimki, Kendimi Aradigim.

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

# Contact: Twitter.Com/RigidusCO - Facebook.Com/3spi0ne

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

- Mr.PaPaRoSSe And 3spi0n -

Bug Researcher Group - TURKEY

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

last Exploits
pGB 2.12 – ‘kommentar.php’ SQL Injection的更多信息

Joomla! 1.6 – Multiple SQL Injections：
Resin Application Server 4.0.36 – Source Code Disclosure：
RSVP Invitation Online 1.0 – Cross-Site Request Forgery (Update Admin)：
WirelessFiles 1.1 iPad iPhone – Multiple Vulnerabilities：
WordPress Plugin ClickDesk Live Support 2.0 – ‘cdwidget’ Cross-Site Scripting：
iOffice 0.1 – ‘parametre’ Remote Command Execution：
TP-Link C50 Wireless Router 3 – Cross-Site Request Forgery (Remote Reboot)：
Sciretech (Multiple Products) – Multiple SQL Injections：