Dede CMS – SQL Injection

Exploit Database
9 阅读

作者： CWH & Nafsh

日期： 2011-12-30
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/18292/

# Dede Cms All Versions Sql Vulnerability Exploit
# </ No Priv8 , Everything is Public >
# Date: 30/12/2011 - 13:00
# Author: [ CWH ] | Finded By : Nafsh
# We Are : Mr.M4st3r , Nafsh , Skote_Vahshat , HijaX
# Support: Cyberwh.org
# Mail: Nafsh@live.com
# Software Website: http://www.dedecms.com
# Security Risk: High
# Platform: Php

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

[$] Dorks:inurl:"id" "DedeCMS Error Warning!"

[#] Vulnerable Files : 

/list.php?id=[sql]
/members.php?id=[sql]
/book.php?id=[sql]

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
</ No Priv8 , Everything is Public >
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
#Cyberwh.org

last Exploits
Dede CMS – SQL Injection的更多信息

Ajaxel CMS 8.0 – Multiple Vulnerabilities：
Mambo 4.6.x < 4.6.5 - SQL Injection：
Atlassian Confluence 5.2/5.8.14/5.8.15 – Multiple Vulnerabilities：
Pet Listing Script 3.0 – SQL Injection：
Direct News 4.10.2 – Multiple Remote File Inclusions：
E-Commerce System 1.0 – Unauthenticated Remote Code Execution：
Affiliate Niche Script 3.4.0 – SQL Injection：
System Shop – ‘Module aktka’ SQL Injection：