Digital Creations works Sql injection Vulnerability

2017.01.20
ir Ormazd (IR) ir
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A
Dork: inurl:"Newsvi.php?n=" or intext:"Powered By Digital Creations"

########################## # Exploit Title: Digital Creations works Sql injection Vulnerability # Google Dork : inurl:"Newsvi.php?n=" or intext:"Powered By Digital Creations" # Date: 2017-01-16 # Exploit Author: Ormazd # Vendor Homepage: cre3d.net # Version: all # Tested on : Win 10 ########################## # We Are Iranian Anonymous # # you can find Sql injection Vulnerability in news and other page of cms http://www.Site.com/Newsvi.php?n=[inject here] Admin panel http://www.Site.com/admincp/login.php .... Demo: http://eshalmnzel.com/Newsvi.php?n=51 http://www.rpp.com.sa/Newsvi.php?n=52 http://www.tashreaat.com.sa/NewsVi.php?n=2 http://www.eshalmnzel.com/en/Newsvi.php?n=48 .... ############################# #Thanks to : MR.Khatar ||Turk-Khan || Blackwolf_Iran ||ll_azab-siyah_ll ||Sh@d0w ||Hellish_PN And All Of Iranian Anonymous .


See this note in RAW Version
Vote for this issue:
100%
0%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top