บ้านเว็บไซต์ SQl inj. Vulnerability

2017.07.19
Credit: Shigi
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-89

##################################################### # Exploit Title : บ้านเว็บไซต์ SQl inj. Vulnerability # Google Dork : intext:"Powered by บ้านเว็บไซต์" inurl:php?id= # Exploit Author : Shigi # Tested On : Windows 7 # Video Link : https://youtu.be/R4uNs51mEgo # Date : 19.07.2017 # Vendor Homepage : http://www.baanwebsite.com/ ##################################################### # [Demo] # http://www.nawaphat.ac.th/news/view.php?id=25 # http://www.mgroup-thailand.com/portfolio/view.php?id=26 # http://www.smartparkthailand.com/activities/view.php?id=9 [Admin Panel] # http://target.com/admin # ########################################### # Discovered By : Shigi # Twitter : @ChtShigi # Youtube Channel : https://www.youtube.com/channel/UCYTnimlKuYAKbPZqcWZE89w

References:

https://youtu.be/R4uNs51mEgo
https://www.youtube.com/channel/UCYTnimlKuYAKbPZqcWZE89w


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2017, cxsecurity.com

 

Back to Top