Universitas Pendidikan Ganesha CMS SQLi Vulnerability

Published
Credit
Risk
2017.08.04
Berandal | OWL SQUAD
Medium
CWE
CVE
Local
Remote
CWE-89
N/A
No
Yes
Dork: intext:"Copyright © 2011 Universitas Pendidikan Ganesha"

+++++++++++++++++++++++++
Google Dork : intext:"Copyright © 2011 Universitas Pendidikan Ganesha"
Tested on : Windows - Havij 1.16 Pro
********************************************
[+] Dorking in google or other search engine
[+] Go to SQL injection link : http://www.site.com/cms/index.php?c=Kontak&md=mn&kid=1413
[+] Go to the admin panel : http://www.site.com/path/cms/index.php?c=Kontak&md=mn&kid=1413
********************************************
DEMO :
http://adikpapua.undiksha.ac.id/index.php?c=Kontak&md=mn&kid=1413
********************************************
~ \ We Are / ~
Artefvcker | Arrownonymous | Berandal | Blck0Wl? | Clutzsec | GoC_X | k4luga | KxK_PrajurID
ShoursCout | WoNg_Nd35O | Yonkou4 | ZEUS | 0wLCulun | "Samael" | ./ARMVXO

References:

http://www.facebook.com/owlsquad.id
http://www.twitter.com/id_berandal


See this note in RAW Version

 
Bugtraq RSS
Bugtraq
 
CVE RSS
CVEMAP
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn


Copyright 2017, cxsecurity.com