Free Advertisment CMS – ‘user_info.php’ SQL Injection

• Exploit Database
• 6 阅读

• 作者： XroGuE
  日期： 2010-05-11
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/12572/

• =========================================================
  Free Advertisment cms (user_info.php) SQL Injection Vulnerability
  =========================================================
  ##########################################
  # Name: Free Advertisment cms (user_info.php) SQL Injection Vulnerability
  # Date: 2010-05-11
  # vendor: http://www.laserayaneh.com
  # Author: Ashiyane Digital Security Team
  # Thanks to: khodam :P, Satanic2000,Veron, ... And All Ashiyane Members ...
  # Contact: Xrogue_p3rsi4n_hack3r[at]Hotmail[Dot]com
  # Home: www.Ashiyane.org
  ##########################################
  
  [+] Dork: " inurl: user_info.php?user_id= "Or" inurl: index.php?catid= "
  
  
  [+] Vulnerability:
  
  www.site.com/[path]/user_info.php?user_id=[SQLi] 
  www.site.com/[path]/index.php?catid=[SQLi]
  
  
  ##########################################