==================================================================================== # Exploit Title: Elevel It Cms SQL Injection Vulnerability # Exploit Author: Blackwolf_Iran # Date: November - December 2015 # Email: blackwolf@post.com # Vendor Homepage: http://www.elevel.it/ # OUR SITE : https://iranonymous.org/ |==================================================================================== # {INFO} # SQL Injection Vulnerability |==================================================================================== # {DORK} # intext:"Web Design By Elevel" inurl:?id= |==================================================================================== # {POC} # http://www.site.com/news.php?id=7[SQL Injection] # http://www.site.it/galleria.php?id=3[SQL Injection] # http://www.ascentproject.eu/project_forumnews.php?id=4[SQL Injection] |==================================================================================== # {DEMO} # 01: http://www.marinogiada.com/news.php?id=7 # 02: http://www.siatautomazioni.it/news_dettaglio.php?id=21 # 03: http://www.agenziaimmobiliareborghesi.com/annunci.php?id=200 # 04: http://www.libertasravenna.it/news.php?id=41 # 05: http://www.alfredolando.it/galleria.php?id=3 # 06: http://www.ascentproject.eu/project_forumnews.php?id=4 # 07: http://ravenna.azinet.it/aziende/articoli-stampati-gomma-membrane-guarnizioni/42119/link.php?id=42119 # 08: http://www.dribblingravenna.it/news.php?id=187 # 09: http://www.intermed-shipping.it/multimedia.php?id=2 # 10: www.emporiodellapietra.it/news.php?id=2 |==================================================================================== # {TNX For} # >>> Mr.khatar - Hacker Khan ; # >>> Discovered By Blackwolf_Iran |==================================================================================== The END ; Good Luck :D:D:D