openSIS Student Information System SQLi

2019.03.26

wajidareeb (AF)

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

Dork: intitle:"openSIS Student Information System"

openSIS Student Information System SQLi vulnerabilities.
:sqli type= Blind SQL Injection
:Vulnerable parameter = u
=================================
Vulnerable url = http://www.studentportal.neuroaro.gov.ng/ForgotPassUserName.php?form=pass_email&u=SQLi&used_for=email&username=e&user_type=parent
=============================================
exploiter:
wajidareeb first afghan exploiter
======================================
http:facebook.com/0wajid

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

openSIS Student Information System SQLi

Dork: intitle:"openSIS Student Information System"

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.