dr.t3rr0r
Official Website


today : | at : | safemode : ON
> / home / terror / public_html /
name author perms com modified label

Xsosys Technology Web Development Sql Injection Vulnerablity dr.t3rr0r rwxr-xr-x 0 2:38 AM

Filename Xsosys Technology Web Development Sql Injection Vulnerablity
Permission rw-r--r--
Author dr.t3rr0r
Date and Time 2:38 AM
Label
Action 
[#] Exploit Title : Xsosys Technology Web Development Sql Injection

Vulnerablity



[#] Exploit Author : dr.t3rr0r ( AnonCoders )



[#] Vendor Homepage : http://www.xsosys.com/



[#] Google Dork : Powered by Xsosys inurl:php?id=



[#] Date: 2015-08-02



[#] Tested On : Windows , Linux



=========================================================



[+] Severity Level          :- High





[+] Request Method(s)       :- GET / POST





[+] Vulnerable Parameter(s) :- id





[+] Affected Area(s)        :- Entire admin, database, Server







[+] POC                     :- http://127.0.0.1/XXX.php?page=[SQL]'





The sql Injection web vulnerability can be be exploited by remote

attackers without any privilege of web-application user account or

user interaction.





[#] Demos :



http://www.gaiascience.com.mm/show_event.php?id=21'



http://www.gaiascience.com.sg/show_content.php?id=26'



http://www.gaialifeinternational.com/show_content.php?id=23'





[#] Greetz To : AnonCoders Team



[#] Discovered by : dr.t3rr0r
 
 
Exploit4Arab 

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)
 

Template © IT is Unknown! Use To Learn ! Learn to Hack ! Hack to Learn ! Hack to Use ! | by dr.t3rr0r |
VB (Vio b374k) Template design by dr.t3rr0r