Designed by EMH SQL Injection

2018.08.20

Mehdi Razmjoo (IR)

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: CWE-89

# Exploit Title:  SQL Injection in “ Designed by EMH “
#-----------------------------------------------------------------------------------------
# Exploit Author:  Mehdi Razmjoo ( razmjumehdi@gmail.com )
#-----------------------------------------------------------------------------------------
# Date: 2018.08.20
#-----------------------------------------------------------------------------------------
# Vendor Homepage:  http://www.theemhglobal.com
#-----------------------------------------------------------------------------------------
# Category: Web Application
#-----------------------------------------------------------------------------------------
# Dork: —
#-----------------------------------------------------------------------------------------
# Vulnerability Path:   http://Server/certification_details.php?id=[SQLi]
#-----------------------------------------------------------------------------------------
#Tested On:  Firefox - Safari
#-----------------------------------------------------------------------------------------
# 

http://www.ghanatimber.org/certification_details.php?id=12

See this note in RAW Version

Vote for this issue:

50%

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

Designed by EMH SQL Injection

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Designed by EMH SQL Injection

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.