Web Design itemDesc.php site sql injection

2018.07.29
ir Guardiran Security Team (IR) ir
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A
Dork: itemDesc.php?CartId=

# Exploit Title : Web Design itemDesc.php site sql injection # Exploit Author : Guardiran Security Team # Vendor Homepage http://mpaying.com # Google Dork : itemDesc.php?CartId= my team: Guardiran Security Team http://guardiran.org/profile/25294-rednofozi/ # category : webapps # Tested on : Win8 , Kali Linux me:rednofozi@yahoo.com insta:vol.81 Proof of Concept : search google Dork : itemDesc.php?CartId= Demo : http://mpaying.com/checkout1.php?id=237' (sql-injection # Discovered by : Rednofozi Long live SistanAs long as I live in my body, I defend this soilLong live Seyyed Ali Khamenei guard iran hackers tnx to :REX , DeMoN, C0d3!Nj3ct!0n ,Mr.Python , virtual_hate Comrade،, JOK3R , Ruiner , mr_null - 1TED

References:

iran


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top