DEVILART S.C Sql Injection Vulnerability

2017.01.20

Ashiyane Digital Security Team (CH)

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

Dork: "inurl : index.php?id=tcvduqrj intext:Warning+mysql_fetch_array"

|*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||* ||*||*||*||*|
|-------------------In The Name Of God------------------------|
|[+] Exploit Title : DEVILART S.C Sql Injection Vulnerability
|[+] Exploit Author : Ashiyane Digital Security Team
|[+] Vendor Homepage : http://www.devilart.pl
|[+] Google Dork : " inurl : index.php?id=tcvduqrj intext:Warning+mysql_fetch_array"
|[+] Tested on : Windows 10 ~~> Mozilla Firefox
|[+] Contact: shahroukh06@gmail.com
|[+] Date : 1/19/2017
|[+]======================================|
|[+] Proof:
|[+]
|[+] http://www.jmmmeble.pl/index.php?id=tcvduqrj [SQLI]
|[+] http://montazecnc.pl/index.php?id=tcvduqrj [SQLI]
|[+] http://formatkimeblowe.com.pl/index.php?id=tcvduqrj [SQLI]
|[+] http://leasing-kalkulacja.pl/index.php?id=tcvduqrj [SQLI]
|[+]
|*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||* ||*||*||*||*|
|[+] Discovered By : sir shahroukh
|*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||* ||*||*||*||*| 

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

DEVILART S.C Sql Injection Vulnerability

Dork: "inurl : index.php?id=tcvduqrj intext:Warning+mysql_fetch_array"

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.