bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/17316.txt
Offensive Security b4c96a5864 DB: 2021-09-03 
28807 changes to exploits/shellcodes
2021-09-03 20:19:21 +00:00

35 lines
No EOL
1 KiB
Text
Raw Permalink Blame History

# Exploit Title: SQL Injection Vulnerbility in PHP Portfolio
# Google Dork: "Powered by PHPortfolio"
# Date: 23/5/2011
# Author: lionaneesh
# Software Link: http://outshine.com/phportfolio/ http://www.outshine.com/software/phportfolio/intro.php
# Risk Level : High
# A hacker can get admin access to web database leading to further
attacks , Shelling and Rooting of server
POC :-
http://[sitename]/[pathToApplication]/photo.php?id=%InjectHere%
Sample :-
http://site.com/work/photo.php?id=%injectHere%19
--------------------------------------------------------------------------------
================================================================================
lionaneesh
Catch my News : http://www.thehackernews.com/search?q=lionaneesh
Greetz to : lucky(indishell) , Aasim Shaikh(indishell) , Team
Indishell , Team ICA
Hack For INDIA , Live for INDIA
================================================================================
--------------------------------------------------------------------------------
--
Thanks
Aneesh Dogra (lionaneesh)
Reference in a new issue View git blame Copy permalink