Dolphin Smart Community Builder Sql Injection Vulnerability

2010-08-19T00:00:00
ID 1337DAY-ID-13754
Type zdt
Reporter H-SK33PY
Modified 2010-08-19T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            ===========================================================
Dolphin Smart Community Builder Sql Injection Vulnerability
===========================================================

   010101010101010101010101010101010101010101010101010101010    
   0                                                       0
   1        Iranian Datacoders Security Team 2010
   0                                                       0
   010101010101010101010101010101010101010101010101010101010


# Exploit Title: Dolphin Smart Community Builder Sql Injection Vulnerability         
# Date: 19/08/2010                             
# Author: H-SK33PY                      
# Software Link: http://www.boonex.com/dolphin/download/
# Version :  N/A 
# Platform / Tested on: linux 
# Google Dork : inurl:"viewPage.php?ID=" & intext:"Powered by _Dolphin Smart Community Builder"
# Category: webapplications
# Code : [SQLi]

#BUG:#########################################################################

After find bug for injection at sites run SQL Inject :


example : 
http://site.com/viewPage.php?id=1[SQLi]

Go admin page :

http://site.com/admin/

demo : 

http://www.skatesetup.com/viewPage.php?id=[SQLi Injection ]


Good Luck 


#############################################################################
Our Website : http://www.datacoders.ir
Contact me : [email protected]
Special Thanks to : Immortal Boy & Sp|R|T & all iranian datacoders members

#############################################################################



#  0day.today [2018-01-10]  #