-
-
[转帖]AneCMS SQL Injection Vulnerability in /registre/next
-
发表于:
2010-8-25 11:11
1739
-
[转帖]AneCMS SQL Injection Vulnerability in /registre/next
############################################################################
# #
# Exploit Title: anecms SQli #
# #
# Date: 23/08/2010 #
# #
# Software Link: anecms.com #
# #
# Download: anecms.com/anecms.zip #
# #
# Version: All #
# #
# Tested on: WinXp sp3 #
# Description : anecms is an open source blog manager #
# #
# #
# #
############################################################################
Sqli:
The POST variable username has been set to sweet'" on http://vulnerable.com/register/next
Poc:
http://www.example.com/register/next
username = Sweet'"
password = test
re password = test
email = charif38@hotmail.fr
then register :]
screen : http://img830.imageshack.us/img830/1213/anecm.jpg
Saha Ftourkoum et 1,2,3 viva L'Algerie :))
[课程]Linux pwn 探索篇!
