++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + Exploit Title: Voila Cms Blind SQL Injection Vulnerability # # + Exploit Author: Ashiyane Digital Security Team # # + Home : www.Ashiyane.org # # + Vendor Homepage: www.arabengineeringindustries.org # # + Category: Web Application # # + Software Link: www.voilasyria.com # # + Tested on: Windows 7 # # + Dork: intext:"Powerd by Voila" & inurl:"id=" # # ============================================================= +Location:site/*.php?id={injecthere}[SQL] # # +DEm0:http://www.arabengineeringindustries.org/view/page/page.php?id=1[SQL] +DEm0:http://zainabshrine-damas.org/cms/viewPage.php?id=87[SQL] ++++++++++++++++++++++++++++++++++ ====================================== * Greetz to: My Lord Allah * Sp Tnx To: Behrooz_Ice,Q7X,Ali_Eagle,Azazel,iman_taktaz,sha2ow,am118,PrinceofHacking,Alireza66,Amirh03in,B4b4K KH4TaR,sil3nt and all Ashiyane Security [ Researcher Team AND Deface Team ] * The Last One : My Self, tr0janman ******* --------------------------------------------