Studio Dinitz and Ccom suffers from a remote SQL injection vulnerability.
225a83c56e8290dd0edc0c2a3d27ab72e6d5cdc6180bc4a03fe4d0319b61229f
.___ .___ .__
| | ____ __| _/ ____ ____ ____ ______|__|_____
| | / \ / __ | / _ \ / \ _/ __ \ / ___/| |\__ \
| || | \/ /_/ | ( <_> )| | \\ ___/ \___ \ | | / __ \_
|___||___| /\____ | \____/ |___| / \___ >/____ >|__|(____ /
\/ \/ \/ \/ \/ \/
[~]===========================================================================[~]
# Exploit Title: Studio Dinitz & Ccom SQL Injection Vulnerability
# Author: tempe_mendoan
# Software Link: http://www.dinitz.co.il/ & http://www.ccom.co.il/
# Contact: anu :D
[~]===========================================================================[~]
PoC/Exploit:
~~~~~~~~~~
SQL injection vulnerability :
http://website/info.asp?CategoryID=[SQL injection]
http://website/product.asp?cat=[SQL injection]
http://website/about.asp?aboutnum=[SQL injection]
And All . xixiixxi :D
Dork:
~~~~~~~~~~
Google :
1. intext:"Design: Studio Dinitz | Powered By: Ccom"
2. intext:"Powered By: Ccom"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Greats T0 :
./ And All My Friend
Note :
./ I Love You Dila :*