Profshop SQL injection vulnerability

ID MYHACK58:62201130469
Type myhack58
Reporter Anonymous
Modified 2011-05-15T00:00:00


Vulnerability description: Profshop (cms_display.php) does not strictly filter its input, resulting in a blind SQL injection vulnerability.

Vulnerability type: SQL injection, ascript injection, blind injection, injection vulnerabilities

Vulnerability Publisher/date: Caddy-Dz/2011-05-14

Google keywords: intext:"powered by Profshop. co. uk"

Vulnerability test:

POC: the [*] returns the correct [*] returns an error[SQLI] [*] POC

Demo: the
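
Detection note (an added example, not part of the original advisory or of Profshop's code): the advisory describes probes where one request returns the correct page and another returns an error, so the sketch below scans web access logs for clients whose injection-like requests to cms_display.php produced differing responses. The log lines, the parameter name `id` and the token list are constructed assumptions.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, unquote_plus

# Constructed access-log lines (common log format). The parameter name "id",
# the addresses and the response sizes are assumptions, not advisory values.
SAMPLE_LOG = """\
203.0.113.7 - - [15/May/2011:10:00:01 +0000] "GET /cms_display.php?id=12 HTTP/1.1" 200 5120
203.0.113.7 - - [15/May/2011:10:00:02 +0000] "GET /cms_display.php?id=12+AND+1%3D1 HTTP/1.1" 200 5120
203.0.113.7 - - [15/May/2011:10:00:03 +0000] "GET /cms_display.php?id=12+AND+1%3D2 HTTP/1.1" 200 310
198.51.100.4 - - [15/May/2011:10:01:00 +0000] "GET /cms_display.php?id=7 HTTP/1.1" 200 4801
198.51.100.4 - - [15/May/2011:10:01:05 +0000] "GET /index.php?q=rock+and+roll HTTP/1.1" 200 900
"""

# client, request target, status code, response size
LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST) (\S+) [^"]*" (\d{3}) (\d+|-)')

# Boolean-comparison and timing tokens seen in blind-injection probing,
# matched against the URL-decoded query string.
PROBE = re.compile(
    r"(?i)\b(?:and|or)\b\s+\S+\s*(?:=|<|>|like)"
    r"|\b(?:sleep|benchmark|substring|ascii)\s*\("
)

def find_blind_sqli(log_text, script="/cms_display.php"):
    """Return {client: sorted distinct (status, size) outcomes} for clients whose
    probe-like requests to `script` produced more than one outcome."""
    outcomes = defaultdict(set)
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # not a parsable request line
        client, target, status, size = m.groups()
        url = urlsplit(target)
        if url.path != script:
            continue  # only the script named in the advisory
        if PROBE.search(unquote_plus(url.query)):
            outcomes[client].add((int(status), 0 if size == "-" else int(size)))
    # Differing responses to probe-like requests suggest the true/false oracle
    # that blind injection relies on is being exercised.
    return {c: sorted(o) for c, o in outcomes.items() if len(o) > 1}

if __name__ == "__main__":
    for client, seen in find_blind_sqli(SAMPLE_LOG).items():
        print(client, seen)
```

A hit is a lead for review rather than proof of compromise; the durable fix is to bind request parameters through prepared statements instead of filtering them.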