System werkform (index.php) SQL Injection Vulnerability

2011.08.06
Credit: Net.Edit0r
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-89

################################################### # |Title : System werkform (index.php) SQL Injection Vulnerability # | Software : werkform # | Version : 2.0 # | Date : 3 / 08 / 2011 # | Author : Net.Edit0r # | Contact : Black.hat.tm@Gmail.Com & Net.Edit0r@att.net # | Google Dork : "powered by werkform" # | Vendor : http://www.werkform.at/ # | My Home : http://black-hg.OrG And http://h4ckcity.org ################################################## # | Exploit : # | http://localhost/index.php?gr_id=[SQL] ################################################## # | Greetz : # | DarkCoder | Dr.Niloo | Amir-MaGiC | 3H34N | _Attack_ | Mikili | H3x | D3adlY ################################################## Demo : http://www.mlu-shop.biz/index.php?gr_id=66&k_id=503' http://www.rabino-cars.it/index.php?gr_id=23' http://www.eckl.com/index.php?gr_id=37&k_id=229 ################################################## magic_quotes_gpc :: Off ################################################## I Love Iran And All Iranian People ##################################################

References:

http://www.werkform.at/


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top