XCreativa suffers from a remote SQL injection vulnerability.
fc937f0ea0bfefdb9dffe345bbe5949806ec91cc4c8e0b6286c03e51a7977eeb
==> ABOUT ME:
--- TAURUS OMAR
--- INDEPENDENT SECURITY RESEARCHER
--- ACCESOILEGAL.BLOGSPOT.COM
--- @omartaurus
--- omar-taurus[at]dragonsecurity[dot]org
--- omar-taurus[at]live[dot]com
===> INFO:
Author : TAURUS OMAR
Category : Webapps / 0day
Title Exploit : XCreativa - SQL Injection Vulnerability
Vendor : XCreativa
URL Vendor : http://www.xcreativa.com/
Google Dork : intext:"Sitio Web Creado por XCreativa"
==> SAMPLE'S SQLi:
http://www.recrearte23.com.ar/articulo.php?id=6 [SQL Injection]
http://rsembarcaciones.com/embarcacion.php?id=24 [SQL Injection]
http://www.cmfbsas.org.ar/revista.php?id=10 [SQL Injection]
http://www.paypurix.com/contacto_es.php?id=1 [SQL Injection]
http://www.clubrenault18argentina.com/comentarios.php?&up=80 [SQL Injection]
MORE IN GOOGLE..