İlk defa burada paylasacagim bir exploit.
Basit bir SQL İnj. Acik id=01 parametresinde bulunuyor. Diger parametrelerde SQL hatası almazsınız.
Ayni zamanda cxsecurity'de de paylaşılmıştır.
https://cxsecurity.com/issue/WLB-2016100269
<------------------ header data start ------------------- >
################################################## ###########
# Application Name : SQL Injections in Some Brand Sites
# Vulnerable Type : SQL İnjection
# Google Dork: inurl:"/core_typ/" "php?id=01"
# Author: fl3xpl0it aka KurokoTetsuya
# Date: 28.10.2016
# Tested On Demo Sites:
[+] High River Ford ::
[+] T & T Honda ::
< ------------------- header data end of ------------------- >
Basit bir SQL İnj. Acik id=01 parametresinde bulunuyor. Diger parametrelerde SQL hatası almazsınız.
Ayni zamanda cxsecurity'de de paylaşılmıştır.
https://cxsecurity.com/issue/WLB-2016100269
<------------------ header data start ------------------- >
################################################## ###########
# Application Name : SQL Injections in Some Brand Sites
# Vulnerable Type : SQL İnjection
# Google Dork: inurl:"/core_typ/" "php?id=01"
# Author: fl3xpl0it aka KurokoTetsuya
# Date: 28.10.2016
# Tested On Demo Sites:
[+] High River Ford ::
[+] T & T Honda ::
< ------------------- header data end of ------------------- >