Revolution Technologies cms SQL Injection

2013.05.07
Credit: Iranian_Dark_Coders_Team
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-89
Dork: inurl:\"/page.php?IDMenu=\" and Developed by Revolution Technologies

############################ # # [+] Author: Iranian_Dark_Coders_Team # [+] Home: WwW.IDC-TeaM.NeT # [+] Exploit Title: SqlInjection in Revolution Technologies cms # [+] Date: 07-05-2013 # [+] Category: WebApp # [+] Google Dork: inurl:"/page.php?IDMenu=" and Developed by Revolution Technologies # [+] Discovered By : Black.Hack3r # [+] We Are M.R.S.CO,N3O,UB313,Black.Hack3r # ############################### # # Proof: # 127.0.0.1/[PATH]/page.php?IDMenu=[SQLI] # OR # 127.0.0.1/[PATH]/page.php?IDMenu=[SQLI]&IDLang=2[SQLI] # ############################## # # For example : # # http://ifoX.com/page.php?IDMenu=838&IDLang=2 # http://qts.revoXtechnologies.net/page.php?IDMenu=851&IDLang=2 # http://revolutXologies.eu/page.php?IDMenu=861 # http://buildXntechnologies.net/page.php?IDMenu=848&IDLang=2‎ # http://www.qtXme.com/page.php?IDMenu=839&IDLang=2 # http://www.oXda.bg/page.php?IDMenu=106&IDLang=2 # http://www.sX-golf.de/page.php?IDMenu=853&IDLang=1 # http://jobaXmy.org/page.php?IDMenu=891 # http://desXsign.com/page.php?IDMenu=849&IDLang=2 # http://ginaeXnn.com/page.php?IDMenu=834&IDLang=2 # http://clinicalX.bg/page.php?IDMenu=846 # http://new.wXXvel.bg/page.php?IDMenu=835&IDLang=2 # http://oXXoda.com/page.php?IDMenu=878&IDLang=2 # ###############################

References:

http://WwW.IDC-TeaM.NeT


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top