Miniweb 2.0 Business Portal and Social Networking Platform - SQL Injection

EDB-ID:

13816

CVE:





Platform:

PHP

Date:

2010-06-10


Author: L0rd CrusAd3r aka VSN [crusader_hmg@yahoo.com]
Exploit Title:Miniweb 2.0 Business Portal and Social Networking Platform SQL Injection Vulnerability
Vendor url:http://www.miniweb2.com/
Version:2.0
Price:250$
Published: 2010-06-10
Greetz to:Sid3^effects, MaYur, M4n0j, Dark Blue, S1ayer,d3c0d3r,KD and to all ICW members.
Spl Greetz to:inj3ct0r.com Team

#####################################################################################################################################################################################################

Description:

Miniweb 2.0 is designed for those who want to transform a brochure site into a dynamic Web 2.0 site that attracts tons of traffic and sales. This CMS applicationcomes with 21 modules:
Affiliate Wiz, Auto Ezine, Blog Writer, Classified Ads, Custom Shop, Directory, Events Calendar, FAQ Manager, Form Maker, Forum, Groups, Help Desk, Job Board, Link Shortener, Media Album, My Amazon, Online Store, Publisher, Site Builder, Survey Pro, and Text Ads. It's also one of the easiest content management systemsto install and administer: just plug and play. There is no need to change your Web design because the system will integrate with it 100%. The modules share a common admin, member system, user interface, photo and video upload, work flow, and database, which result in an extremely pleasant user experience. Miniweb 2.0 has worked wonder for many sites by boosting their traffic and sales. Now is your turn to try it, use it, and profit from it! 

#######################################################################################################################################################################################################

Vulnerability:

*SQLi Vulnerability

DEMO URL :http://[site]/index.php?module=[sqli]

# 0day n0 m0re #