Vulners
Lucene search
SPC v4.2 - SQL Injection Vulnerability
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ __ __ 1
1 /' \ __ /'__`\ /\ \__ /'__`\ 0
0 /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ 1
1 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ 0
0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/ 1
1 \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ 0
0 \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ 1
1 \ \____/ >> Exploit database separated by exploit 0
0 \/___/ type (local, remote, DoS, etc.) 1
1 1
0 [x] Official Website: http://www.1337day.com 0
1 [x] Support E-mail : mr.inj3ct0r[at]gmail[dot]com 1
0 0
1 ========================================== 1
0 Taurus Omar From Inj3ct0r TEAM 1
1 ========================================== 0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-1
| |
| C _:_ A | SPC v4.2 - SQL Injection Vulnerability | C _:_ A |
--------------------------------------------------------------------------
==> ABOUT ME:
--- TAURUS OMAR
--- INDEPENDENT SECURITY RESEARCHER
--- ACCESOILEGAL.BLOGSPOT.COM
--- @omartaurus
--- omar-taurus[at]dragonsecurity[dot]org
--- omar-taurus[at]live[dot]com
===> INFO:
Author : TAURUS OMAR
Category : Webapps / 0day
Title Exploit : SPC - SQL Injection Vulnerability
Vendor : SPC - Sistemas De Publicacion De Contenido
URL Vendor : www.spc.com.es/
Google Dork : intext:Powered by SPC v4.2 Š
==> EXAMPLE:
http://site.com/frontend/directory/noticia.php?id_noticia=1&PHPSESSID=5403f3b20e75d73adcb0XXXXXXX
http://site.com/frontend/directory/seccion.php?id_seccion=14&PHPSESSID=0bac915a2adcb93cf992XXXXXXX
==> QUIT PARAMETER
&PHPSESSID=5403f3b20e75d73adcb0XXXXXXX
==> EXPLOIT:
http://site.com/frontend/directory/noticia.php?id_noticia=1
http://site.com/frontend/directory/seccion.php?id_seccion=14
==> SAMPLE'S SQLi:
http://www.infohipertension.com/frontend/infohipertension/seccion.php?id_seccion=11
http://www.impotenciamasculina.com/frontend/impotenciamasculina/noticia.php?id_noticia=598
http://www.asmainfantil.com/frontend/asmainfantil/noticia.php?id_noticia=484
http://www.incontinenciaurinaria.com/frontend/incontinenciaurinaria/seccion.php?id_seccion=198
http://www.infoartritis.com/frontend/infoartritis/seccion.php?id_seccion=208
http://www.lacasadelalergico.com/frontend/lacasadelalergico/noticia.php?id_seccion=156&id_noticia=466
MORE IN GOOGLE..
# 0day.today [2018-02-19] #Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
05 Jun 2012 00:00Current
7.1High risk
Vulners AI Score7.1