My Qingfeng SQLI Injection Vulnerability

2017.04.16
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-89

####################################################### ##################{In The Name Of God}################# ####################################################### ############################################ # Exploit Title:My Qingfeng SQLI Injection Vulnerability # Date: Sunday, April 16, 2017-04-16 # Author: Ashiyane Digital Security Team # Vendor Homepage : http://www.myqingfeng.cn # Tested On : Windows 10 / Chrome ############################################ ######## # Google Dork : intext:myqingfeng.cn inurl:.php?nid= ######## ######## # Demo 1 : http://www.lyssy.com.cn/newsInfo.php?nid=[SQLI] # # Demo 2 : http://www.jzjscc.com/newsInfo.php?nid=[SQLI] # # Demo 3 : http://www.hnzbo.com/newsInfo.php?nid=[SQLI] # # Demo 4 : http://wufangjc.com/newsInfo.php?nid=[SQLI] # # Demo 5 : http://www.lyhjks.com/newsInfo.php?nid=[SQLI] # # Demo 6 : http://www.zjhtdoors.com/newsInfo.php?nid=[SQLI] ######## [+][+][+][+][+][+][+][+][+][+][+][+] Discovered By : HackFanS [+][+][+][+][+][+][+][+][+][+][+][+] *=============================================================| | Special Thanks To : Behrooz_Ice? Virangar ,H_SQLI.EMpiRe ? Ehsan Cod3r ? SeRaVo | Und3rgr0und ? Amir.ght ? xenotix? modiret? V For Vendetta ? Alireza ? micle - H.Hemat | r4ouf ? Net Hacker ? 4TT4CK3R ? alcol ? 1TED ? H4554N? shahroukh? Saeid_9n ? CRISIS | Chris ? Muts ? B14CK SPID3R ? MALWaRE43 ? moh3nra021 , Sha4yan , M.R.S.L.Y - Amir Th - Cyber.Defacer | And All Of My Friends ... *=============================================================|


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2017, cxsecurity.com

 

Back to Top