Top Business Advertising SQL Injection vulnerability

2016.03.23
Credit: Iran Cyber Security Group
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-89
Dork: intext:Powered By Top Business Advertising inurl:.php?newsId=

[+][+][+][+][+][+][+][+][+][+] Exploit Title : Top Business Advertising SQL Injection vulnerability Exploit Author : Iran Cyber Security Group Discovered By : 0x3a Date : 18 March 2015 Vendor HomePage : www.topbusinessadv.com Google Dork : intext:Powered By Top Business Advertising inurl:.php?newsId= [+][+][+][+][+][+][+][+][+][+] [*]SQL Injection : This Page Are Vulnerable : 1- news.php 2- newsdetail.php [*]Search The Dork And Choose Any Target And Start Your SQL Injection Attakcs [*]Demo : [*]1) agor.com/aboutus.php?newsid=1' [*]2) perfumeunlimited.net/contactus.php?newsid=3' [*]3) helfenandwahren.com/newsdetail.php?newsid=5' [*]4) aircoustics.com/productdetail.php?newsid=179' [*]5) altawashtech.com/services.php?newsid=1' [*]We Are : MOHAMMAD-NOFOZI , root3r , jok3r , pi.hack , 0day , whitewolf , MrS4jj4d , MoHaMad-Bl4ck , l3gi0n , mr.turk , nazanin_wild , Pr0mis , 0xdevil , king_k4li [*]Join Us : WWW.iran-cyber.net


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top