[FD] (0day) IBOOKING CMS - SQL INJECTION

2015-09-15 Thread INURL Brasil
*# VENTOR: * www.ibooking.com.br *# Vulnerable versions:* ALL *# File: *filtro_faixa_etaria.php *# Parameter: * idPousada(GET) *# DORK: * intext:"Desenvolvido por ibooking" *# Reported:* 15/10/2015 # --

[FD] (0DAY) WebDepo -SQL injection / INURL BRASIL

2015-03-27 Thread INURL Brasil
Advisory: SQLi-vulnerabilities in aplication CMS WebDepo Affected aplication web: Aplication CMS WebDepo (Release date: 28/03/2014) Vendor URL: http://www.webdepot.co.il Vendor Status: 0day == Vulnerability Description: == Records and client practi