Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Infopublica Solutions SQL Injection

🗓️ 14 Jun 2011 00:00:00Reported by RoAd_KiLlErType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 40 Views

Infopublica Solutions SQL Injection vulnerability discovered in web applications developed by INFOPUBLICA S.A. Since 1978, the company offers reliable information in industry, marketing, and hospitality markets. All pages are vulnerable to SQL Injection, allowing unauthorized access to the database. The vulnerability was discovered in June 2011 and an advisory was released two days later by **RoAd_KiLlEr** of the Albanian Hacking Crew

Code
`=========================================================================  
INFOPUBLICA Solutions SQL-i Vulnerability   
==========================================================================  
  
+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=  
+=+=+= +=+=+=  
+=+=+= /\ | | | | ________ _____ _____ __ _ __ +=+=+=  
+=+=+= / \ | |__| | _____ / ______/ | _ \ | ____|\ \ / \ / / +=+=+=  
+=+=+= / /\ \| |__| | /_____/ | | | |_) / | |__ \ \/ \/ / +=+=+=  
+=+=+= / ____ \ | | | | |_______ | __\ \ | __| \ / +=+=+=  
+=+=+= /_/ \_\| | | |________/ |_| \_\ | |_______\_____/_____ +=+=+=  
+=+=+= |_____________________|+=+=+=  
+=+=+= +=+=+=  
+=+=+= X-n3t - **RoAd_KiLlEr** - The|Denny` - The_1nv1s1bl3 +=+=+=  
+=+=+= +=+=+=  
+=+=+= 0ne Nation , 0ne People , 0ne Culture , 0ne Language = Ethnic Albania +=+=+=  
+=+=+= +=+=+=  
+=+=+= ....::: | ALBANIAN HACKING CREW | :::.... 2011 +=+=+=  
+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=  
0 0  
1 ########################################### 1  
0 I'm **RoAd_KiLlEr** member from 1337 DAY Team 1  
1 ########################################### 0  
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1  
  
[+]Title :....... INFOPUBLICA Solutions SQL-i Vulnerability   
[+]Author :......**RoAd_KiLlEr**  
[+]Tested on :...Win Xp Sp 2/3   
---------------------------------------------------------------------------  
[~] Founded by **RoAd_KiLlEr**  
[~] Team: Albanian Hacking Crew  
[~] Contact: sukihack[at]gmail[dot]com  
[~] Home: http://1337day.com/author/2447 & http://road-killer.blogspot.com  
[~] Vendor: http://www.infopublica.gr  
  
==========ExPl0iT3d by **RoAd_KiLlEr**==========  
  
  
  
[+] DORK: Copyright © 1999 - 2011 INFOPUBLICA S.A  
  
  
  
[+] Description:  
  
Since 1978 Infopublica S.A. (a Greek publishing company) has been offering reliable information in the markets of industry, marketing and hospitality through print and online publications, helping executives make the right decisions. The relationship the company has established with its readers makes it a valuable partner also to its advertisers who want their message to reach successfully a niche market.  
  
  
  
[ I ]. SQL-i Vulnerability  
+=+=+=+=+=+=+=+=+=+=+=+=+=+=+  
  
  
  
[+++] Note: Every web page developed INFOPUBLICA S.A is vulnerable to Sql-Injection.  
  
Use the Dork to find websites,than find any "php" file with "id" parameter [ index.php?id=].  
  
Input passed to the "id" parameter in the "index.php" is not properly sanitised before being used in SQL queries.   
  
  
  
  
  
  
[P0C]: http://127.0.0.1/index.php?id= [ SQL-INJECTION]  
  
  
  
  
[L!v3 D3m0's]:  
  
  
  
http://www.plant-management.gr/index.php?id='14229  
  
http://www.hotel-restaurant.gr/index.php?id='10149  
  
http://www.publicity-guide.gr/index.php?id='11666  
  
  
  
  
  
[+] TIME TABLE:  
  
13 June 2011 - Vulnerability discovered.  
15 June 2011 - Advisory released.  
  
  
===========================================================================================  
[!] Albanian Hacking Crew   
===========================================================================================  
[!] **RoAd_KiLlEr** says: FUCK BDI,Mbasi jeni qaq lesha me votu BDI,Ishalla jav venon kishat ke Shpija. PDSH 4 Life.   
===========================================================================================  
[!] MaiL: sukihack[at]gmail[dot]com  
===========================================================================================  
[!] Greetz To : Ton![w]indowS | X-n3t | The|DennY` | THE_1NV1S1BL3 | KHG & All Albanian/Kosova Hackers  
===========================================================================================  
[!] Spec Th4nks: r0073r | indoushka in Jail :( | Sid3^effects | jdc from jeffchannell.com | DoNnY | MaFiTeRRoR |  
| bda.a7v | Sifu | L0NnY | All 1337day Members | And All My Friendz  
===========================================================================================  
[!] Red n'black i dress eagle on my chest  
It's good to be an ALBANIAN  
Keep my head up high for that flag I die  
Im proud to be an ALBANIAN  
===========================================================================================  
  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
14 Jun 2011 00:00Current
0.2Low risk
Vulners AI Score0.2
infopublica solutionssql injectionweb applicationsinfopublica s.avulnerabilityunauthorized accessdatabaseadvisory**road_killer**albanian hacking crewjune 2011
40