phpMyRealty

分类:安全 | 2011-08-20 | 撸过 67 次
0人扯谈

标题: [phpMyRealty <= v. 1.0.7 SQL Injection Vulnerability] 关键词: [intext:Sort By: Submission Date | Bedrooms | Bathrooms | Price (ASC) | Price (DESC)] 作者: [H4T$A] 下载: [http://www.phpmyrealty.com/] 版本: [v. 1.0.7] # |Contact:newboy62@live.com #Gr33tz f0r th3 >> best egyption hacker >>> H4T$A
||=========================================================================================
本问题影响该程序所有版本

Exploit :
https://www.webshell.cc/search.php?seed=640′

用 Haivj等SQL注射工具就简单了

remember you will change the link to >> ||search.php?seed=-640||before
start using Haivj 🙂

修复:过滤 search.php页面 seed参数输入

本站内容均为原创,转载请务必保留署名与链接!
phpMyRealty:https://www.webshell.cc/621.html
标签:

相关日志