AEPL IT Solution CMS SQL Injection

2015.12.24

Credit: Jahesh Security Team

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: CWE-89

Dork: intext:"Designed & Developed by @ AEPL IT Solution"

 |*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*|
|--------------------------------------------------------------|
|[+] Exploit Title: AEPL IT Solution CMS SqL Bug
|[+]
|[+] Exploit Author: Jahesh Security Team
|[+]
|[+] Vendor Homepage: http://aeplitsolution.in/
|[+]
|[+] Google Dork: intext:"Designed & Developed by @ AEPL IT Solution"
|[+]
|[+] Date: 23 Dec 2015
|[+]
|--------------------------------------------------------------|
|[+] Examples :
|[+]
|[+] http://fire.aeplitsoluXtion.in/product-show.php?pid=71
|[+]
|[+] http://www.puruliaXhotels.com/tourist_place2.php?pid=5
|[+]
|[+] http://www.ideallXeisureholiday.com/abroad/packages_details.php?pid=194
|[+]
|[+] http://www.bizpXroimpex.com/hardware_product/product2.php?pid=10
|*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*|
|[+] Discovered By : Mr.Curse
|
|[+]Thanks:T!nk3r-Black Diamond-WereWolf98-2Dadash
|*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*|

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

AEPL IT Solution CMS SQL Injection

Dork: intext:"Designed & Developed by @ AEPL IT Solution"

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.