ID MYHACK58:62201132514
Type myhack58
Reporter 佚名
Modified 2011-12-04T00:00:00
Description
Title: Con-IMedia SQL inj: vulnerable
Author: nGa Sa Lu [ GaNgst3r ]
Test platform: Vista
Programming language : php
================================================================
SQL Error Statement :
Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in
/homepages/18/d158663934/htdocs/moneysystems/modules/mod_main.php on line 9 2
[+] http://www.badguest.cn/index1.php?linkid=[your SQL HERE]
[+] Demo :
Repair
Filter index1. php page linkid parameter input for digital
{"id": "MYHACK58:62201132514", "hash": "2a3bc67acfd36b3db05c6588e12f41b07081cac938938e8bfea39d77128e3807", "type": "myhack58", "href": "http://www.myhack58.com/Article/html/3/62/2011/32514.htm", "history": [], "viewCount": 0, "published": "2011-12-04T00:00:00", "hashmap": [{"hash": "caf9b6b99962bf5c2264824231d7a40c", "key": "bulletinFamily"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "d4be9c4fc84262b4f39f89565918568f", "key": "cvss"}, {"hash": "42a9e9f7d292e09b5b324db15fae1d4f", "key": "description"}, {"hash": "1f60c7b9e8d303c06a29446a1b7e9949", "key": "href"}, {"hash": "f56df5f5146c38921103999e323a3092", "key": "modified"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "f56df5f5146c38921103999e323a3092", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "645396391020478112635e14b34a0f8b", "key": "reporter"}, {"hash": "618bd85be3dbb36e48a09cb21e5f1fcf", "key": "title"}, {"hash": "0665a8b0792e65b50ab13aef58a018dc", "key": "type"}], "references": [], "objectVersion": "1.2", "edition": 1, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}, "dependencies": {"references": [], "modified": "2016-11-08T21:27:04"}, "vulnersScore": 7.5}, "cvelist": [], "modified": "2011-12-04T00:00:00", "title": "Con-IMedia SQL injection flaws and fixes-vulnerability warning-the black bar safety net", "description": "Title: Con-IMedia SQL inj: vulnerable \n\nAuthor: nGa Sa Lu [ GaNgst3r ] \n\nTest platform: Vista \n\nProgramming language : php \n\n================================================================\n\nSQL Error Statement :\n\nWarning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in\n\n/homepages/18/d158663934/htdocs/moneysystems/modules/mod_main.php on line 9 2 \n\n[+] http://www.badguest.cn/index1.php?linkid=[your SQL HERE]\n\n[+] Demo :\n\nRepair\n\nFilter index1. php page linkid parameter input for digital\n", "bulletinFamily": "info", "reporter": "\u4f5a\u540d", "cvss": {"vector": "NONE", "score": 0.0}, "lastseen": "2016-11-08T21:27:04"}
{}
