Noict SQL Injection Vulnerability

2012.06.01
Credit: Dr.LoranS
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-89
Dork: Powered by: NOICT Developers Co & inurl:/default.asp?lang_id

ExpLoit Title : Noict SQL Injection Vulnerability GooGle Dork : Powered by: NOICT Developers Co & inurl:/default.asp?lang_id Data : 2012/ 5 / 31 Author : Dr.LoranS E-Mail : Gro7@Hotmail.com Swftware Link : http://noict.com version : all Tested on : Windows 7 Greetz to : King of control , Dr.5rab , Al-swisre , Dr.Br8 , Islamic Ghosts Team , v99x.com Demo : http://icsacxxonf.ir/icste/default.asp?lang_id=2 http://www.cmxxemaz.com/e-health/Default.asp?lang_id=2 http://www.icxxecc.net/detail.asp?lang_id=2&id=37 So, we can inject sql with the /detail.asp?lang_id variable, like that : http://[site]/[path]/detail.asp?lang_id=[SQL injection]

References:

http://noict.com


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top