[+] Exploit Title : Millenium CMS SQL Injection Vulnerability
[+] Date : 2018-03-09
[+] Author : 0P3N3R From IRANIAN ETHICAL HACKERS
[+] Vendor Homepage : http://www.srm.co.ir/
[+] Dork : intext:"Designed by Reza Farzam"
[+] Forum : irethicalhackers.com/forums
[+] Tested On : Windows 10 - Kali Linux 2.0
[+] Contact : https://telegram.me/WebServer
[+] Description :
[!] Millenium is a personal content management
[+] PoC :
[+] Security Level :
[!] Medium
[+] Exploitation Technique:
[!] Remote
[+] Request Method :
[!] GET
[+] Vulnerability Files :
[!] index.php
[+] web application technology: Apache
[+] back-end DBMS: MySQL
[+] Parameter: id (GET)
[!] Type: boolean-based blind
[!] Title: AND boolean-based blind - WHERE or HAVING clause
[!] Payload: id=1 AND 6987=6987
[+] Target :
[!] http://www.irva.ir/index.php/AircraftShop/listProducts?id=1
[+] Fix :
[!] Restrict user input or replace bad characters
[+] We Are : [+] 0P3N3R
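
Added example (not part of the original advisory, and not the vendor's code): the Fix entry above, shown as strict integer validation of the id parameter plus a bound query parameter, next to the concatenated form that lets "id=1 AND 6987=6987" reach the SQL parser. The table, column and function names are hypothetical, the rows are constructed, and in-memory SQLite stands in for the MySQL back end so the script runs offline.

```php
<?php
declare(strict_types=1);

// Constructed sample data; SQLite in memory stands in for MySQL.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE products (id INTEGER PRIMARY KEY, name TEXT)');
$pdo->exec("INSERT INTO products VALUES (1, 'constructed row A'), (2, 'constructed row B')");

// Weak pattern (hypothetical): the raw GET value becomes part of the SQL text,
// so anything after the number is parsed as SQL.
function listProductsConcatenated(PDO $pdo, string $id): array
{
    return $pdo->query("SELECT id, name FROM products WHERE id = $id")
               ->fetchAll(PDO::FETCH_ASSOC);
}

// Hardened pattern: accept only a positive integer, then pass it as a bound
// parameter so the value is never interpreted as SQL.
function listProductsBound(PDO $pdo, string $id): array
{
    $n = filter_var($id, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($n === false) {
        throw new InvalidArgumentException('id must be a positive integer');
    }
    $stmt = $pdo->prepare('SELECT id, name FROM products WHERE id = :id');
    $stmt->bindValue(':id', $n, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// '1' is a normal request, the second value is the payload reported in the
// advisory, the third is its constructed false counterpart.
$inputs = ['1', '1 AND 6987=6987', '1 AND 6987=6988'];
foreach ($inputs as $in) {
    $weak = count(listProductsConcatenated($pdo, $in));
    try {
        $safe = (string) count(listProductsBound($pdo, $in));
    } catch (InvalidArgumentException $e) {
        $safe = 'rejected';
    }
    printf("%-18s concatenated rows=%d  bound=%s\n", $in, $weak, $safe);
}
```

With the concatenated query the row count follows the truth value of the appended condition (1, 1, 0), which is the signal a boolean-based blind test relies on; the validated and bound version returns one row for '1' and rejects the other two inputs.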