Detailed information
Saytda SQL İnjection mövcuddur.
Bu boşluqdan istifadə edərək saytda yerləşdirilmiş məlumatları (Parollar, saytın strukturu və s. əldə etmək olar)
Sql inject here : http://www.shirvanshah.az/index.php?id=4
1) username: webius
password : e10adc3949ba59abbe56e057f20f883e md5 hash (123456)
2) username: admin
password : c471e1b446b505784a1e5112d52aeeaf md5 hash (testermode)
Screens
Comments
-
16 December 2016, 14:34
Vulnerability status
Have not any information from source -
24 October 2016, 10:29
Vulnerability status
Sended e-mail to source about vulnerability -
23 October 2016, 13:43
Added point to Vulnerability
Moderator gave 7 point from 10 to vulnerability -
23 October 2016, 13:36
Vulnerability status
Confirmed by Moderator -
22 October 2016, 13:07
Vulnerability changed
Vulnerability "SQL injection" changed -
19 October 2016, 14:45
Vulnerability cancelled
Boshlughu tesdiq etmek uchun screenshotlar yollasaniz yaxshi olardi. -
16 October 2016, 12:53
Vulnerability added
Vulnerability added to BUGemot