Secure Download Links – ‘dc’ SQL Injection

Exploit Database
19 阅读

作者： Ihsan Sencan

日期： 2017-03-19
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/41636/

# # # # #
# Exploit Title: Secure Download Links - SQL Injection
# Google Dork: N/A
# Date: 19.03.2017
# Vendor Homepage: http://sixthlife.net/
# Software: http://sixthlife.net/product/secure-download-links/
# Demo: http://www.satyamtechnologies.net/secdown/example.php
# Version: N/A
# Tested on: Win7 x64, Kali Linux x64
# # # # #
# Exploit Author: Ihsan Sencan
# Author Web: http://ihsan.net
# Author Mail : ihsan[@]ihsan[.]net
# #ihsansencan
# # # # #
# SQL Injection/Exploit :
# http://localhost/[PATH]/download.php?dc=[SQL]
# # # # #

last Exploits
Secure Download Links – ‘dc’ SQL Injection的更多信息

BS Auction – SQL Injection：
E Sms Script – Multiple SQL Injections：
KCFinder 2.2 – Arbitrary File Upload：
PHPBB2 Plus 1.53 – ‘kb.php’ SQL Injection：
elaniin CMS 1.0 – Authentication Bypass：
OpenCart 3.0.3.6 – Cross Site Request Forgery：
SimpNews 2.47.3 – Multiple Cross-Site Scripting Vulnerabilities：
Katalog Stron Hurricane 1.3.5 – Remote File Inclusion / SQL Injection：