# Exploit Title: Advanced Medal System SQL Injection
# Google Dork: inurl:advmedsys_view.php
# Date: 6/18/13
# Exploit Author: Life Wasted and Caspa
# Vendor Homepage: http://e107.org/e107_plugins/psilo/list.php?mode=plugin&id=699
# Software Link: http://e107.org/e107_plugins/psilo/psilo.php?download.699
# Version: 1.42
# Tested On: Linux

Vulnerable Code (advmedsys_view.php):

// Lines 17-23
if (e_QUERY)
{
    $tmp = explode('.', e_QUERY);
    $action = $tmp[0];
    $sub_action = $tmp[1];
    $id = $tmp[2];
    unset($tmp);
}

// Line 232
$sql->db_Select("advmedsys_awarded", "*", "WHERE awarded_user_id = $sub_action","");

Example URL:
http://site.com/plugins/advmedsys_view.php?profile.*SQL HERE*
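The root cause above is that $sub_action goes from the query string into the WHERE clause without any type check. The following is an added example, not code from the plugin or the advisory authors: parse_view_query() is a hypothetical helper and the sample inputs are constructed, showing strict integer validation of the dotted query string before the clause is built.

```php
<?php
// Added example: strict parsing of the "action.sub_action.id" query string.
// parse_view_query() is a hypothetical helper, not part of the plugin.

function parse_view_query(string $query): ?array
{
    $parts = explode('.', $query);

    // The action keyword may contain only letters and underscores.
    if (!preg_match('/^[a-z_]+$/i', $parts[0])) {
        return null;
    }

    $out = ['action' => $parts[0], 'sub_action' => null, 'id' => null];
    foreach ([1 => 'sub_action', 2 => 'id'] as $idx => $key) {
        if (!isset($parts[$idx]) || $parts[$idx] === '') {
            continue; // optional field left as null
        }
        // ctype_digit() rejects signs, spaces, quotes and any SQL syntax.
        // The length cap keeps the value inside a 32-bit signed integer.
        if (!ctype_digit($parts[$idx]) || strlen($parts[$idx]) > 9) {
            return null;
        }
        $out[$key] = (int) $parts[$idx];
    }
    return $out;
}

// Constructed sample inputs: two valid, three that must not reach the query.
$samples = ['profile.42', 'profile.42.7', 'profile.42 trailing text',
            'profile.-1', 'profile'];

foreach ($samples as $s) {
    $q = parse_view_query($s);
    if ($q === null) {
        echo "$s => rejected\n";
    } elseif ($q['sub_action'] === null) {
        echo "$s => no user id, query not run\n";
    } else {
        // %d guarantees an integer literal; this string would replace the
        // third argument of the db_Select() call shown at line 232.
        $where = sprintf('WHERE awarded_user_id = %d', $q['sub_action']);
        echo "$s => $where\n";
    }
}
```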