Lws-Construction Management version 1.0 suffers from a remote SQL injection vulnerability.
c36d0e7573f5f4c6286e5bac90efe9861de5a2a98a92164fd1b110577fac9378
========================================================================
| # Title : Lws-Construction Management 1.0 SQL Injection Vulnerability
| # Author : indoushka
| # email : indoushka4ever@gmail.com
| # Tested on: windows 8.1 Français V.(Pro)
| # Vendor : https://www.lws.fr/
========================================================================
poc :
http://batim.com/actualites.php?id_actualite=9 (inject her)
http://www.hugo-duras.com/actualites.php?id_actualite=21 (inject her)
Greetz :
jericho http://attrition.org & http://www.osvdb.org/ * http://packetstormsecurity.com * Larry W. Cashdollar*
Hussin-X *D4NB4R * ViRuS_Ra3cH * yasMouh * https://www.corelan.be
---------------------------------------------------------------------------------------------------------------