intitle:phpnews.login

  • 日期:2005-08-10
  • 类别:
  • 作者:anonymous
  • 语法:intitle:phpnews.login
  • Vulnerable script auth.php (SQL injection)--- from rst.void.ru ---Possible scenario of attack:[1] log in admin panel, using SQL injection[2] upload PHP file through "Upload Images" function (index.php?action=images) and have fun with php shellor edit template (index.php?action=modtemp) and put backdoor code into it.-------------------------http://www.securityfocus.com/bid/14333/infohttp://rst.void.ru/papers/advisory31.txtThe version number may be found sometimes in error messages.