Dede(织梦) CMS SQL Injection Vulnerability

测试方法:

@Sebug.net   dis
本站提供程序(方法)可能带有攻击性,仅供安全研究与教学之用,风险自负!

1. # Dede Cms All Versions Sql Vulnerability Exploit
2. # </ No Priv8 , Everything is Public >
3. # Date: 30/12/2011 - 13:00
4. # Author: [ CWH ] | Finded By : Nafsh
5. # We Are : Mr.M4st3r , Nafsh , Skote_Vahshat , HijaX
6. # Support: Cyberwh.org
7. # Mail: [email protected]
8. # Software Website: http://www.dedecms.com
9. # Security Risk: High
10. # Platform: Php
12. >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
14. [$]Dorks: inurl:"id""DedeCMS Error Warning!"
16. [#] Vulnerable Files :
18. /list.php?id=[sql]
19. /members.php?id=[sql]
20. /book.php?id=[sql]
22. >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
23. </NoPriv8,EverythingisPublic>
24. >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>