"Powered by PHPBack"

  • 日期:2020-04-16
  • 类别:
  • 作者:Alexandros Pappas
  • 语法:"Powered by PHPBack"
  • # Google Dork: "Powered by PHPBack"

    # By using this dork, sites "Powered by PHPBack" can be found. PHPBack
    v1.3.0 is vulnerable to Boolean blind and error based SQL Injection in the
    'orderby' parameter. By sending SQL Injection query using MySQL XPATH
    function ExtractValue() we can grab information from the errors generated.
    This dork is linked to the following existing exploit:
    https://www.exploit-db.com/exploits/39711

    # Date: 07/04/2020

    # Author: Alexandros Pappas