وبلاگ شخصی Omid.Developer

اکسپلویت : کشف باگ SQL از سیستم مدیریت محتوای RoyalWays

کشف باگ SQL از سیستم مدیریت محتوای RoyalWays


لینک اثبات


###########################

# RoyalWays CMS  SQL Injection vulnerability

###########################

==========================================================================================================
[+]@~Exploit Title : RoyalWays CMS  SQL Injection vulnerability
[+]
[+]@~Exploit Author : Omid.Developer
[+]
[+]@~Telegram : @Omid_Developer
[+]
[+]@~Vendor Homepage : www.royalways.com
[+]
[+]@~Portfolio : http://www.royalways.com/portfolio1.html
[+]
[+]@~Google Dork : intext:"SITE CREDIT: ROYALWAYS"
[+]
[+]@~Tested on : Windows 7,GNU Linux,Windows XP
==========================================================================================================
[+] @~Location :
[+]
[+]    /product-detail.php?id=[SQLi]
[+]    /page.php?id=[SQLi]
[+]
[+] @~Demo:
[+]
[+]   http://torex.co.in/product-detail.php?id=5
[+]
[+] @~Demo 2 :
[+]
[+]   http://pruto.co.in/page.php?id=1
[+]
+---------------------------------------------------------+
[+]~Discovered By : Omid.Developer
==========================================================================================================
  • ۲۳۵
Designed By Erfan Powered by Bayan