CMS PUNTOPY SQL Injection

CMS PUNTOPY SQL Injection: Posted May 6, 2014; Authored by Felipe Andrian Peixoto; CMS PUNTOPY suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.; tags | exploit, remote, sql injection; SHA-256 | eaa6b822df51a218305e7b93ebd17c7dba80bc9043aaf9e64d3041648d6adea9; Download | Favorite | View

CMS PUNTOPY SQL Injection

[+] Sql Injection on CMS PUNTOPY
[+] Date: 06/05/2014
[+] Risk: High
[+] Author: Felipe Andrian Peixoto
[+] Vendor Homepage: http://www.grupopuntopy.com/
[+] Contact: felipe_andrian@hotmail.com
[+] Tested on: Windows 7 and Linux
[+] Vulnerable File: novedad.php
[+] Exploit : http://host/novedad.php?ID=[SQL Injection] 
[+] PoC:  http://www.ipale.com.py/pisos-revestimientos/novedad.php?id=51
          http://www.ztdistribuciones.com.py/novedad.php?ID=8
          http://www.seguroslaagricola.com.py/novedad.php?id=10
[+] Admin Page: http://host/admin/

Top Authors In Last 30 Days

Red Hat 179 files
Ubuntu 58 files
Debian 26 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
E1.Coders 4 files
malvuln 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,014)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,227)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,501)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,439)
UNIX (9,391)
UnixWare (187)
Windows (6,649)
Other

CMS PUNTOPY SQL Injection

CMS PUNTOPY SQL Injection

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

CMS PUNTOPY SQL Injection

Share This

CMS PUNTOPY SQL Injection

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems