Sum Technologies SQL Injection

2014-07-22T00:00:00
ID PACKETSTORM:127571
Type packetstorm
Reporter th3rockst3r
Modified 2014-07-22T00:00:00

Description

                                        
                                            `# Exploit Author:Th3 R0cksT3r  
# Exploit Title: Sum Technologies (id) SQL Injection Vulnerability  
# Email: th3rockst3r@gmail.com  
# Vendor Homepage: http://www.sumtechnologies.com/  
# Google Dork: intext:"Powered by Sum Technologies"  
  
  
  
Proof Of Concept:  
  
  
1. https://server/elf_erecting.php?id=[SQL Injection]  
2. http://server/index.php?do=view_model&id=[SQL Injection]  
3. http://server/about.php?id=[SQL Injection]  
  
  
  
# Greetz:Bangladesh Black HAT Hackers  
`