DCS self MNS product SQL Injection Vulnerability

2011.03.30

Credit: eXeSoul

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: CWE-89

###
# Title : DCS self MNS product SQL Injection Vulnerability
#
# Author: eXeSoul
#
# Home : www.indishell.in or www.andhrahackers.com
#
# Email : exe.soul@live.com
#
# date : 29/3/2011
#
# d0rk:- DCS &#232; un prodotto MNS completamente autogestito e dato in utilizzo al cliente presso i nostri server Web
#
#
# category : Web Apps [SQli]
#
###
###
#
#
#
# Go To Site :-
#
# *SQL injection Vulnerability*
#
#
# [+]http://site.com/viewProduct.php?id=524'
# [+]http://site.com/viewProduct.php?id=[SQLI]
# [+]http://site.com/viewNewsAll.php?id=130'
# [+]http://site.com/viewNewsAll.php?id=[SQLI]
#
# [+] mostly all php files like .php?id=[sqli] are vulnerable.!
#
# => PROUD TO BE AN INDIAN | Anythning for INDIA | JAI-HIND | Maa Tujhe Salam
#
# => c0d3 for motherland, h4ck for motherland
#
#
# [#] DOne now time to rock \m/
#
###
<3 Love: -[SiLeNtp0is0n]-, stRaNgEr(lucky), inX_rOot, NEO H4cK3R, DarkL00k, Th3 RDX,
G00g!3 W@rr!0r, Nazz ,r45c4l, str1k3r, co0Lt04d , ATUL DWIVEDI , Jackh4xor , Bon3 ,
Badboy-Albinia, Mr.SK , I-H Guru,X__HMG, AK-47, [ICW] [Andhra Hackers], Ethical N00b,Maxy,Brueni,
[Indishell crew]
###
#
# Bug discovered : 29 March 2011
###
#
# Jay Mahadev.!! Jay shree Ram.!! jay Shree krishna.!! Jay hind.!!
#
###
# 1337day.com [2011-03-29]

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

DCS self MNS product SQL Injection Vulnerability

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.