======================================================================== | # Title : WEBONE CMS 6 SQL Injection Vulnerability | # Author : indoushka | # email : indoushka4ever@gmail.com | # Tested on: windows 8.1 Français V.(Pro) | # Vendor : http://webone.com.tw/ ======================================================================== Dork : intext:"Power by WEBONE" inurl:pk= poc : http://webone.com.tw/works_con.php?pk=116 (inject her) http://jolinn-pethouse.com.tw/about.php?lang=zh (inject her) Greetz : jericho http://attrition.org & http://www.osvdb.org/ * http://packetstormsecurity.com * Larry W. Cashdollar* Hussin-X *D4NB4R * ViRuS_Ra3cH * yasMouh * https://www.corelan.be * Mojtaba MobhaM ---------------------------------------------------------------------------------------------------------------