SQL injection

Detailed information

Saytda SQL İnjection mövcuddur.
Bu boşluqdan istifadə edərək saytda yerləşdirilmiş məlumatları (Parollar, saytın strukturu və s. əldə etmək olar)
Saytda 720 userin mail ve sifresi + 2600 istifadeci - onlar haqqinda melumat (yasayir yeri,tehsil,ixtisas,ev unvanlari,telefonlari,ip adress,maas, ad ve soyad, vezife ve.s) oyrenmek olar
Sql inject here : is-elani.info/index.php?sehife=haqqinda&cv_id=4252

Comments

02 November 2016, 13:38
Vulnerability status
Have not any information from source
04 October 2016, 10:03
Added point to Vulnerability
For translate of bug gived 5 point to translator
04 October 2016, 10:03
Added point to Vulnerability
For translate of bug gived 1 point to translator
16 September 2016, 17:15
Vulnerability status
Sended e-mail to source about vulnerability
14 September 2016, 10:12
Added point to Vulnerability
Moderator gave 5 point from 10 to vulnerability
14 September 2016, 10:11
Vulnerability status
Confirmed by Moderator
11 September 2016, 23:47
Vulnerability added
Vulnerability added to BUGemot

is-elani.info 11 September 2016, 23:47

Detailed information

Comments

BUG TYPE

ABOUT VULNERABILITY

SQL injection

is-elani.info 11 September 2016, 23:47

Detailed information

Comments

BUG TYPE

ABOUT VULNERABILITY

LOGIN

REGISTER