Advertisement
CVE | Category | Price | Severity |
---|---|---|---|
N/A | CWE-89 | N/A | N/A |
Author | Risk | Exploitation Type | Date |
---|---|---|---|
JulyInfo | High | Remote | 2019-11-17 |
--------------------------------------------------------- # Exploit Title: Design By Julyinfo. - SQL Injection Vulnerability # Date: 2019-11-14 # Exploit Author: FreeBuzz Team # Vendor Homepage: http://www.websmileindia.com/ # Team Mail : [email protected] # Tested on: Ubuntu --------------------------------------------------------- Google Dork: intext:"Design By Julyinfo" inurl:".php?id= inurl:"/mana_php/" [This admin page you can find it then browser SQL parameters in Home page] - Demo: http://www.realycorp.com.tw/works_detial.php?b_id=36[SQLi] http://www.depoan.com/news-detial.php?newId=96[SQli] https://www.twsgi.org.tw/news-detail.php?n_id=7998[SQli] http://www.unionchemical.com.tw/products_list_food.php?level1_id=10[SQli] http://www.labvolt-taiwan.com/new_info.php?b_id=24[SQLi] ---------------------------------------------------------- # Discovered by Unkn0wn[[email protected]] # https://github.com/0x9a # We Are : AloneGhost - VeNoM - Agent Haze - Old_One - Unkn0wn FreeBuzz Team @ 2012-2019 [FRB]
Copyright ©2024 Exploitalert.