Ritmos do Coração - SQL Injection

2021.03.30
br uromulou (BR) br
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

Hey what's up? Website : ritmosdocoracao.org.br Vulnerability : SQL Injection Discovered by @uromulou 1 . Go to https://ritmosdocoracao.org.br/detalhe-projeto.php?Id=8 2 . Test SQL Injection, https://ritmosdocoracao.org.br/detalhe-projeto.php?Id=8' 3 . It is return SQL error 4 . To exploit, with tools such as sqlmap or others, or if you know, attack with your hands! Example with sqlmap : sqlmap --url https://ritmosdocoracao.org.br/detalhe-projeto.php?Id=8 --dbs

References:

https://www.cloudflare.com/learning/security/threats/sql-injection/


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2021, cxsecurity.com

 

Back to Top