icomex cms (Content Management Solutions) sql injection vulnerability

2011-11-27T00:00:00
ID SECURITYVULNS:DOC:27350
Type securityvulns
Reporter Securityvulns
Modified 2011-11-27T00:00:00

Description

Exploit Title: icomex cms sql injection vulnerability

Author : XaDaL

Link : http://www.icomex.com/

Tested on : windows

google dork : This site is powered by Content Management Systems from icomex

===[ POC ]===

=x= http://site/html/Home.htm?article_id=[SQL]

=x= http://site/html/services.htm?article_id=[SQL]

=x= http://site/html/updates.htm?article_id=[SQL]

=x= http://site/html/News.htm?article_id=[SQL]

Thank's to:

Magelangcyber Team, Indonesiancoder family

xr0b0t ,kaMtiez,1bliez,jundab,boebefa,ulow,ryanaby,kampret0

virgi,hakz,dr.CruZz,geni212,red robot ,anharku,jos_ali_joe

arianom,tukulesto,cimpli,contrex,t3ll0,el-farhatz, hakz

aya..tunggu abang pulang ya : :

buat para galau's selamat menggalau . =)) tak ada cewek'sabunpun jadi =))