360ideas Cms Sql Injection Vulnerabilitiy

2012-04-04 15:09:23
Inviato da: irist.ir

a bug in 360ideas Cms that allows to us to occur
a Sql Injection on a Remote machin.




########################################################
#
# Exploit Title : 360ideas Cms Sql Injection Vulnerabilitiy
#
# Author : IrIsT.Ir
#
# Discovered By : Am!r
#
# Home : http://IrIsT.Ir
#
# Software Link : http://www.360ideas.com/
#
# Security Risk : High
#
# Version : All Version
#
# Tested on : GNU/Linux Ubuntu - Windows Server - win7
#
# Dork : "Site by 360ideas"
#
########################################################
#
# Expl0iTs :
#
# [TarGeT]/event.php?id=[Sql]
#
# D3m0 :
#
# wabahome.com/event.php?id=101[Sql]
#
# concoconstruction.com/event.php?id=106[Sql]
#
# terradynecountryclub.com/event.php?id=100[Sql]
#
#########################################################
#
# Greats : Zarbat.Org - Aria-Security.Com - datacoders.org - black-hg.org
#
# Security7.ir - AjaxTm.Com - Sepehr-Team.Org And All Iranian Hackers
#
#########################################################

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.