facebook facebook twitter rss

Website designed & developed by saudi SQL

Author: Rednofozi , Published: 06-09-2018
[+] Title                 :-  Website designed & developed by saudi SQL Injection Vulnerability  
[+] Date :- 2018-09-06

[+] Vendor Homepage :- https://www.kandelsa.com/
[+] Version :- All Versions

[+] Tested on :- Linux - Windows

[+] Category :- webapps

[+] Google Dorks :- =php id سعودية


[+] Exploit Author :- Rednofozi

[+] Team name :- Anonysec.org

[+] Official Website :- nadaram :d


[+] Contact :- Rednofozi@yahoo.com



=========================================================

[+] Request Method(s) :- GET / POST



[+] Vulnerable Parameter(s) :- id



[+] Affected Area(s) :- Entire admin, database, Server



[+] About :- Unauthenticated SQL Injection via Multiple Php Files causing an SQL error



########################################################
demoshttps://www.kandelsa.com/Project.php?id=5%27 (___SQL Injection___)
http://www.mysaudiwellness.com/ar/event.php?id=1%27 (___SQL Injection___)

#######################################################
Anonysec hacker iranin
########################################################

=======================================================
# Discovered by : Rednofozi


#--tnx to : ReZa CLONER , Moeein Seven. DOCTOR ROBOT .soldier anonymous. milad shadow

Like us on Facebook :