کشف باگ SQL از سیستم مدیریت محتوای آرتان

اکسپلویت : کشف باگ SQL از سیستم مدیریت محتوای RoyalWays

Omid Developer
دوشنبه ۱۲ مهر ۹۵

کشف باگ SQL از سیستم مدیریت محتوای RoyalWays

###########################

# RoyalWays CMS  SQL Injection vulnerability

###########################

==========================================================================================================
[+]@~Exploit Title : RoyalWays CMS  SQL Injection vulnerability
[+]
[+]@~Exploit Author : Omid.Developer
[+]
[+]@~Telegram : @Omid_Developer
[+]
[+]@~Vendor Homepage : www.royalways.com
[+]
[+]@~Portfolio : http://www.royalways.com/portfolio1.html
[+]
[+]@~Google Dork : intext:"SITE CREDIT: ROYALWAYS"
[+]
[+]@~Tested on : Windows 7,GNU Linux,Windows XP
==========================================================================================================
[+] @~Location :
[+]
[+]    /product-detail.php?id=[SQLi]
[+]    /page.php?id=[SQLi]
[+]
[+] @~Demo:
[+]
[+]   http://torex.co.in/product-detail.php?id=5
[+]
[+] @~Demo 2 :
[+]
[+]   http://pruto.co.in/page.php?id=1
[+]
+---------------------------------------------------------+
[+]~Discovered By : Omid.Developer
==========================================================================================================

۶۷۹

اکسپلویت : کشف باگ SQL از سیستم مدیریت محتوای آرتان

Omid Developer
جمعه ۱۸ تیر ۹۵

کشف باگ SQL Injection Web Vulnerability در Artaan CMS

لینک اثبات Iedb

ویدیو آموزشی

###########################

# Artaan CMS  SQL Injection vulnerability

###########################

====================================================================
[+]@~Exploit Title : Artaan CMS  SQL Injection vulnerability
[+]
[+]@~Exploit Author : Omid.Developer
[+]
[+]@~Telegram : @Omid_Developer
[+]
[+]@~Vendor Homepage : http://artaan.ir/
[+]
[+]@~Portfolio : http://artaan.ir/projects.php
[+]
[+]@~Google Dork : intext:"Design and Development by Artaan Group"
[+]
[+]@~Tested on : Windows 7,GNU Linux,Windows XP
====================================================================
[+] @~Location :
[+]
[+]    /products-cat.php?id=[SQLi]
[+]   /products-single.php?id=[SQLi]
[+]   /product.php?cat=[SQLi]
[+]
[+] @~Demo:
[+]
[+]   http://royan-sport.com/products-single.php?id=80
[+]
[+] @~Demo 2 :
[+]
[+]   http://sepidaj.com/product.php?cat=1
[+]
+---------------------------------------------------------+
[+]~Discovered By : Omid.Developer
====================================================================

۶۴۹