Advanced Image Hosting 2.2 – ‘index.php’ SQL Injection

• Exploit Database
• 13 阅读

• 作者： keracker
  日期： 2011-04-03
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/17103/

• ==========================================
  Advanced Image Hosting v2.2 SQLi Vulnerability
  ==========================================
  
  [~]######################################### InformatioN
  #############################################[~]
  
  [~] Title : Advanced Image Hosting v2.2 SQLi Vulnerability
  [~] Author: keracker
  [~] Vendor or Software Link: http://yabsoft.com
  [~] Email : keracker@gmail.com
  [~] Data: 2011-04-01
  [~] Google dork: "Powered by: AIH v2.2"
  [~] Category:[Webapps]
  [~] Tested on: [Windows /php]
  
  [~]######################################### ExploiT
  #############################################[~]
  
  [~] Vulnerable File :
  
  http://localhost:80/advanced-image-hosting-v2.2/index.php
  
  [~] Vulnerable Variables :
  The POST variable: gallery_id
  The POST variable: showlinks
  The POST variable: gal
  The POST variable: id
  The POST variable: type
  The POST variable: email
  The POST variable: emaillinks
  The POST variable: allbox
  The POST variable: pages
  The GETvariable:
  http://localhost/Advanced-Image-Hosting-V2.2/index.php?showlinks=1&viewmode=0&gallery_id=[SQLi]
  [~]######################################### ThankS To ...
  ############################################[~]
  
  [~] IRANIAN Young HackerZ # Persian Gulf
  
  [~]######################################### FinisH :D
  #############################################[~]################[~]