[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Wapkul Beta 3 SQL Injection Vulnerability

Author
Sarahma Security
Risk
[
Security Risk High
]
0day-ID
0day-ID-21302
Category
web applications
Date add
30-09-2013
Platform
php
###################################################################################################################

  ______                                __                                       ______                      
 /      \                              /  |                                     /      \                     
/000000  |  ______    ______   ______  00 |____   _____  ____    ______        /000000  |  ______    _______ 
00 \__00/  /      \  /      \ /      \ 00      \ /     \/    \  /      \       00 \__00/  /      \  /       |
00      \  000000  |/000000  |000000  |0000000  |000000 0000  | 000000  |      00      \ /000000  |/0000000/ 
 000000  | /    00 |00 |  00/ /    00 |00 |  00 |00 | 00 | 00 | /    00 |       000000  |00    00 |00 |      
/  \__00 |/0000000 |00 |     /0000000 |00 |  00 |00 | 00 | 00 |/0000000 |      /  \__00 |00000000/ 00 \_____ 
00    00/ 00    00 |00 |     00    00 |00 |  00 |00 | 00 | 00 |00    00 |      00    00/ 00       |00       |
 000000/   0000000/ 00/       0000000/ 00/   00/ 00/  00/  00/  0000000/        000000/   0000000/  0000000/ 
                                                                                                             
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               
###################################################################################################################

Product: Wapkul Beta 3 SQL Injection Vulnerability
Vendor: Wapkul
Vendor Notification: Sept 3, 2013
Public Disclosure: Sept 10, 2013
Vulnerability Type: Sql Injection
Risk Level: High

Discovered and Provided By: 
Sarahma Security
Website : wwww.sarahma.co.id
Email : research@sarahma.co.id


========================
SQL Injection
========================
Found on Index.php at p parameter
http://localhost/wapkul/index.php?p=1{SQL_HERE}

========================
Solution :
========================
No Update Until This Advisory published

========================
Timeline:
========================
2013-09-03 Provided details vulnerability to vendor
2013-09-07 No Response From vendor
2013-09-08 Advisory published

#  0day.today [2024-12-26]  #