Telecommunication Infrastructure Company Portal SQL INJECT Vulnerabilities

2018.03.25

E1.Coders (IR)

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

Dork: site:stats.tic.ir inurl:index.php?id=1 # site:stats.tic.ir inurl:?id=1

#########################################################################################################################
#                                                                                                                       #
# Exploit Title : Telecommunication Infrastructure Company Portal SQL INJECT  Vulnerabilities                           #
#                                                                                                                       #
# Author        : E1.Coders                                                                                             #
#                                                                                                                       #
# Contact       : E1.Coders [at] Mail [dot] RU                                                                          #
#                                                                                                                       #
# Portal Link   : www.tic.ir                                                                                            #
#                                                                                                                       #
# Security Risk : Medium                                                                                                #
#                                                                                                                       #
# Description   : All target's Iranian GOVERMENT websites                                                               #
#                                                                                                                       #
#  DorK         : "site:stats.tic.ir inurl:index.php?id=1"                                                              #
#  DorK         : "site:stats.tic.ir inurl:?id=1"                                                                       #
#                                                                                                                       #
#########################################################################################################################
#                                                                                                                       #
#  Expl0iTs:                                                                                                            #
#                                                                                                                       #
#  1: https://www.mci.ir/Notrino-Comics?story=1'                                                                        #
#                                                                                                                       #
#  2: https://www.mci.ir/Notrino-Comics?story=2'                                                                        #
#                                                                                                                       #
#########################################################################################################################
#                                                                                                                       #
#                                        | Security Is JOCK  |                                                          #
#                                                                                                                       #
#                                        | Russian Black Hat |                                                          #
#                                                                                                                       #
#########################################################################################################################

 

See this note in RAW Version

Vote for this issue:

100%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Telecommunication Infrastructure Company Portal SQL INJECT Vulnerabilities

Dork: site:stats.tic.ir inurl:index.php?id=1 # site:stats.tic.ir inurl:?id=1

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.