Dede CMS – SQL Injection

Exploit Database
92 阅读

作者： CWH & Nafsh

日期： 2011-12-30
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/18292/

# Dede Cms All Versions Sql Vulnerability Exploit
# </ No Priv8 , Everything is Public >
# Date: 30/12/2011 - 13:00
# Author: [ CWH ] | Finded By : Nafsh
# We Are : Mr.M4st3r , Nafsh , Skote_Vahshat , HijaX
# Support: Cyberwh.org
# Mail: Nafsh@live.com
# Software Website: http://www.dedecms.com
# Security Risk: High
# Platform: Php

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

[$] Dorks:inurl:"id" "DedeCMS Error Warning!"

[#] Vulnerable Files : 

/list.php?id=[sql]
/members.php?id=[sql]
/book.php?id=[sql]

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
</ No Priv8 , Everything is Public >
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
#Cyberwh.org

last Exploits
Dede CMS – SQL Injection的更多信息

Fome SMS Portal 2.0 – SQL Injection：
Phpwcms 1.9.30 – Arbitrary File Upload：
ZeroClipboard 1.9.x – ‘id’ Cross-Site Scripting：
sandbox 2.0.3 – Multiple Vulnerabilities：
Longjing Technology BEMS API 1.21 – Remote Arbitrary File Download：
AirOS NanoStation M2 5.6-beta – Multiple Vulnerabilities：
GlassFish Server – Arbitrary File Read：
Draytek VigorAP 1000C – Persistent Cross-Site Scripting：