| शीर्षक | Everywhere – SQL Injection vulnerability |
|---|
| विवरण | #Exploit Title: Everywhere – SQL Injection vulnerability
#Date: 2020/07/02
#Exploit Author: Mostafa Farzaneh
#Vendor Homepage: www.s2-everywhere.com
#Google Dork: "Design by Everywhere"
#Category: webapps
#Tested On: windows 10, Firefox
#Software Link: s2-everywhere.com
Proof of Concept:
1-Search google Dork: "Design by Everywhere"
Demo : http://www.acinverter.com.tw/product.php?uid=32&id=36[Sql Injection vulnerability]
Demo : http://www.maxcomm.com.tw/news_detail.php?id=965dc505-3d6f-aa0a-dbf8-0e6acddd5bc6[Sql Injection vulnerability]
*********************************************************
#Discovered by: Mostafa Farzaneh from PywebSecurity Team
#Telegram: @pyweb_security
********************************************************* |
|---|
| स्रोत | ⚠️ www.s2-everywhere.com |
|---|
| उपयोगकर्ता | pyweb-security (UID 11883) |
|---|
| सबमिशन | 14/08/2020 04:18 PM (6 साल पहले) |
|---|
| संयम | 17/08/2020 08:06 AM (3 days later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 159954 [Everywhere CMS पहचान SQL इंजेक्शन] |
|---|
| अंक | 17 |
|---|