Softplace CMS Remote SQL Injection Vulnerability

2012-01-23T00:00:00
ID 1337DAY-ID-17423
Type zdt
Reporter ITTIHACK
Modified 2012-01-23T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            Softplace CMS Remote SQL Injection Vulnerability

       Software : Softplace                                                                    
       Date     : 1/23/2012                                           	
       Vendor   : http://softplace.it ( Commercial )                                                               
       Dork     : intext:"Powered by Softplace"	                                   
       Author   : ITTIHACK                                                      
       Home     : http://ittihack.com                                                            
	   
                                                                                																				
Vulnerable File : index.php  |  index_int.php

Exploit         : http://site/path/index.php?pag=[SQLi]
                  http://site/path/index_int.php?pag=[SQLi]
               
Demo Sites      : http://www.anlaids.org/web/index.php?pag=8
                  http://www.lavoro.provincia.vercelli.it/portaleweb/vc_portale/index_int.php?pag=136
                  http://www.rnre.eu/rnre/index.php?pag=19


                                                                                              
Solution        : The Vendor was contacted to fix this vulnerability as soon as possible. Keep your software up-to-date



#  0day.today [2018-03-13]  #