Russian Hospitals CMS SQL Injection

2016.02.21

Credit: Azerbaijan Cyber Army

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: CWE-89

Dork: intext:Разработано: tolmachev.org

|[+] Exploit Title: Russian Hospitals Cms SQL Injection
|[+]
|[+] Exploit Author: M4ni4c
|[+]
|[+] Team Name: Azerbaijan Cyber Army
|[+]
|[+] Official Website: http://az-cyber.org/
|[+]
|[+] Vendor Homepage: http://tolmachev.org/
|[+]
|[+] Google Dork: intext:Разработано: tolmachev.org
|[+]
|[+] Date: 19.02.2016
|[+]
|--------------------------------------------------------------|
|[+] Exploit: page.php?page_id=X
|[+]
|[+]Admin panel: /admin/admin.php
|[+]
|[+] Examples:
|[+]
|[+] http://med-olimp.ru/page.php?page_id=1
|[+]
|[+] http://doctorvolkova.ru/page.php?page_id=4
|[+]
|[+] http://tamag.ru/page.php?page_id=1
|[+]Thanks: KroNiqs, Niko, Riko, Dado, Sprited
|[+] And Thanks My Friends: F3D4I & skyRA

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Russian Hospitals CMS SQL Injection

Dork: intext:Разработано: tolmachev.org

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.