Voila CMS suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
eb568c55d31a6a7aa5bae7695951f99bfa77f3f0839b3f1edebeef4d17193784++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+ Exploit Title: Voila Cms Blind SQL Injection Vulnerability #
#
+ Exploit Author: Ashiyane Digital Security Team #
#
+ Home : www.Ashiyane.org #
#
+ Vendor Homepage: www.arabengineeringindustries.org #
#
+ Category: Web Application #
#
+ Software Link: www.voilasyria.com #
#
+ Tested on: Windows 7 #
#
+ Dork: intext:"Powerd by Voila" & inurl:"id=" #
#
=============================================================
+Location:site/*.php?id={injecthere}[SQL]
#
#
+DEm0:http://www.arabengineeringindustries.org/view/page/page.php?id=1[SQL]
+DEm0:http://zainabshrine-damas.org/cms/viewPage.php?id=87[SQL]
++++++++++++++++++++++++++++++++++
======================================
* Greetz to: My Lord Allah
* Sp Tnx To:
Behrooz_Ice,Q7X,Ali_Eagle,Azazel,iman_taktaz,sha2ow,am118,PrinceofHacking,Alireza66,Amirh03in,B4b4K KH4TaR,sil3nt and all
Ashiyane Security [ Researcher Team AND Deface Team ]
* The Last One : My Self, tr0janman
*******
--------------------------------------------
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed