SQL Injection

digisol.az 05 November 2017, 20:48

Detailed information

Have SQL injection on site.
By using this weakness possible Steal sensitive information from the site (Passwords, site structure, etc.)

Version~10.0.30-MariaDB-0+deb8u2~ (Debian)
Primary Database~digisol_db216
No Of Databases~2
No Of Tables~12
Password: 477b20d49dddd4f70c3e683f5b379595
Login razim
For find user name we used Error log file (digisol.az/error_log)

[14-May-2016 04:30:07 America/Chicago] PHP Warning: mysql_connect(): Access denied for user 'wwwwebde_digisol'@'localhost' (using password: YES) in /home/wwwwebde/public_html/demo/digisol/hsadmin/Config.php on line 7

Panel /hsadmin


  • 06 March 2018, 10:54
    Vulnerability status
    Have not any information from source

  • 07 November 2017, 16:50
    Vulnerability status
    Sended e-mail to source about vulnerability

  • 07 November 2017, 16:37
    Added point to Vulnerability
    Moderator gave 5 point from 10 to vulnerability

  • 07 November 2017, 16:37
    Vulnerability status
    Confirmed by Moderator

  • 05 November 2017, 20:48
    Vulnerability added
    Vulnerability added to BUGemot