Home / exploits Wapkul Beta 3 SQL Injection Vulnerability
Posted on 01 October 2013
##################### ______ __ ______ / / | / /000000 | ______ ______ ______ 00 |____ _____ ____ ______ /000000 | ______ _______ 00 \__00/ / / / 00 / / / 00 \__00/ / / | 00 000000 |/000000 |000000 |0000000 |000000 0000 | 000000 | 00 /000000 |/0000000/ 000000 | / 00 |00 | 00/ / 00 |00 | 00 |00 | 00 | 00 | / 00 | 000000 |00 00 |00 | / \__00 |/0000000 |00 | /0000000 |00 | 00 |00 | 00 | 00 |/0000000 | / \__00 |00000000/ 00 \_____ 00 00/ 00 00 |00 | 00 00 |00 | 00 |00 | 00 | 00 |00 00 | 00 00/ 00 |00 | 000000/ 0000000/ 00/ 0000000/ 00/ 00/ 00/ 00/ 00/ 0000000/ 000000/ 0000000/ 0000000/ ##################### Product: Wapkul Beta 3 SQL Injection Vulnerability Vendor: Wapkul Vendor Notification: Sept 3, 2013 Public Disclosure: Sept 10, 2013 Vulnerability Type: Sql Injection Risk Level: High Discovered and Provided By: Sarahma Security Website : wwww.sarahma.co.id Email : research@sarahma.co.id ======================== SQL Injection ======================== Found on Index.php at p parameter http://localhost/wapkul/index.php?p=1{SQL_HERE} ======================== Solution : ======================== No Update Until This Advisory published ======================== Timeline: ======================== 2013-09-03 Provided details vulnerability to vendor 2013-09-07 No Response From vendor 2013-09-08 Advisory published
