Exploit MyCustomers CMS 1.3.873 - SQL Injection

[Exploiter]

EDB-ID

38830

Проверка EDB

1. Пройдено

Автор

PERSIAN HACK TEAM

Тип уязвимости

WEBAPPS

Платформа

PHP

CVE

N/A

Дата публикации

2015-11-30

MyCustomers CMS 1.3.873 - SQL Injection

######################
# Exploit Title : MyCustomers Cms Sql Injection Vulnerability
# Exploit Author : Persian Hack Team
# Vendor Homepage : http://www.iran-php.com/
# Google Dork : "Powered By IranPHP" & inurl:/index.php?DPT=IP17 & "Powered+by+MyCustomers-1.3.873"
# Date: 2015/11/28
# Version :  1.3
# 
######################
# Vulnerable Paramter DPT=
# Demo:
# http://server/index.php?DPT=IP17%27
#
# Youtube : https://www.youtube.com/watch?v=43DVOq5L2hw
#
# We reported to vendor but Anyone not responsive
# It's not joke
# We do not take responsibility
#
######################
# Discovered by : 
# Mojtaba MobhaM & T3NZOG4N ([email protected])
######################