DIGIT Israelian CMS Blind SQL Injection Vulnerability

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1044806 漏洞类型
发布时间 2013-07-14 更新时间 2013-07-14
CVE编号 N/A CNNVD-ID N/A
漏洞平台 N/A CVSS评分 N/A
|漏洞来源
https://cxsecurity.com/issue/WLB-2013070110
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
   010101010101010101010101010101010101010101010101010101010
   0                                                       
   1    Iranian Datacoders Security Team 2010 - 2013       
   0                                                       
   1               WWW.DataCoders.Org                      
   010101010101010101010101010101010101010101010101010101010

####################################
# Exploit Title:  DIGIT Israelian CMS Blind SQL Injection Vulnerability	   
# Date: 14/07/2013                                                         
# Author: IR-DataCoders                                                    
# Vendor Link: http://www.dig-it.co.il/		                               
# Price: 666.98 US Dollar												   
# Version :  All                                                           
# Platform / Tested on: asp/windows 2003                                   
# Google Dork: intext:"Site by DIGIT"								       
# Category: webapplications                                                
# Code : [BSQL injection]                                                   
# Our Website: http://www.datacoders.org/                                  
####################################


PoC : 
http://site/default.asp?langId=2[bsql injection]


Live demo : 
http://www.idXan.com/Default.asp?PageId=37938&FragmentId=398655[bsql injection]
http://www.stuXdiotino.co.il/default.asp?langId=2[bsql injection]
http://www.asicoXhen.com/Default.asp?LangId=2[BSQL Injection]
http://www.sdXle.co.il/default.asp?langId=2[BSQL Injection]


Good Luck 
 
###################################
# We Are: H-SK33PY | Immortal Boy | D4rkC0d3 | Noter |  Rezous^Nihasa   | Monster佝ace |   #
# | Stormy | Dr.Mute | M0ri | patriotic | black_king |  XPro0grammer | VRAnonymous         #
#                                                                                          #
#                                                                                          #
#     Special Thanks to :																   #
#		Pejvak , l3l4ck.$c0rpi0n , Satanic2000 , Hellboy , A.Cr0x , Ahmadbady , S3Ri0uS    #
#                                                                                          #
#                           And All Iranian DataCoders Members                             #
#                                                                                          #
#                            Don't Forget => WwW.DataCoders.Org                            #    
###################################