ICAL version 1.0 suffers from a remote SQL injection vulnerability.
365d857493ea945924644e4a436ab74b9d8e2d57980d365cd33cab7dc0464be3
**************************************************************************************************
| @@@@@@@@ @@@@@@@@@ @@ @@ @@@@@ @@ @@ @@@@@@@@ |
| @ @ @ @ @ @ @ @ @ @ @ @ @ |
| @ @ @ @ @ @ @ @ @ @ @ @ @ |
| @ @ @@@ @ @ @ @ @ @ @ @ @ @ @ |
| @@@@@@@@ @@@ @@@ @ @ @ @ @ @ @ @ @ @@@@@@@@ |
| @ @ @ @ @ @ @ @ @ @ @ @ @ |
| @ @ @ @ @ @ @ @ @ @ @ @ @ |
| @ @ @ @ @ @ @ @ @ @ @ @ @@@ @ |
| @@@@@@@@ @ @ @ @ @ @@@@@ @ @ @ @@@ @@@@@@@@ |
**************************************************************************************************
==================================================================================================
[~] Exploit Title: ICAL - SQL Injection Bug
[~] Google Dork: inurl:"newsreader.php?nid="
[~] Date: 20/8/2012
[~] Exploit Author: Samim.s
[~] Version: 1.0
[~] Tested on: Se7en & XP
==================================================================================================
[+] SQLi Exploit :
Http://WebSite.Com/[path]/newsreader.php?nid=[SQLi]
[+] Demo :
Http://Quran-Etrat.com/newsreader.php?nid=[SQLi]
==================================================================================================
[*] GreetZ To: Mr.XpR - UnknowN - Mr.EBI - SaMaN.BiLiZ - FarbodEzrael - CyruSoft - And All IRaNHaCK Member & Iranian HaCkerZ
==================================================================================================