PHP Gift Registry 1.5.5 – SQL Injection

• Exploit Database
• 131 阅读

• 作者： G13
  日期： 2012-02-24
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/18519/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19

  # Exploit Title: PHP Gift Registry 1.5.5 SQL Injection # Date: 02/22/12 # Author: G13 # Software Link: https://sourceforge.net/projects/phpgiftreg/ # Version: 1.5.5 # Category: webapps (php) #   ##### Vulnerability #####   The userid parameter in the users.php file is vulnerable to SQL Injection.   A user must be signed in to exploit this.   ##### Exploit #####   http://localhost/phpgiftreg/users.php?action=edit&userid=[SQLi]